You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@geronimo.apache.org by "Aaron Mulder (JIRA)" <de...@geronimo.apache.org> on 2005/06/14 20:44:46 UTC

[jira] Created: (GERONIMO-676) Provide Default For EJB Web Service HTTP Basic Realm Name

Provide Default For EJB Web Service HTTP Basic Realm Name
---------------------------------------------------------

         Key: GERONIMO-676
         URL: http://issues.apache.org/jira/browse/GERONIMO-676
     Project: Geronimo
        Type: Improvement
  Components: webservices  
    Versions: 1.0-M3    
    Reporter: Aaron Mulder
 Assigned to: David Jencks 


If you make a web service out of a Session Bean, the openejb-jar.xml web-service-security settings include:

security realm name
realm name
transport guarantee
auth method

The "realm name" appears to be used in the challenge for HTTP Basic authentication, as in "Please provide username and password for 'foo'" where 'foo' is the realm name.  Of course this is all automatic in web services, so the realm name is most likely irrelevant -- the client computer will probably submit the same username and password to the server no matter what realm is used in the challenge.  However, when configuring the web container for HTTP Basic auth, we need to provide a realm name.

So the point of this issue is, let's default the realm name to "Geronimo Web Service" or some such, and make this element optional.  Since it's likely useless, it would be ideal if the user only had to provide it if for some reason it was necessary in their scenario.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

[jira] Closed: (GERONIMO-676) Provide Default For EJB Web Service HTTP Basic Realm Name

Posted by "David Jencks (JIRA)" <de...@geronimo.apache.org>.

     [ http://issues.apache.org/jira/browse/GERONIMO-676?page=all ]
     
David Jencks closed GERONIMO-676:
---------------------------------

    Resolution: Fixed

Checking in modules/openejb-builder/src/java/org/openejb/deployment/SessionBuilder.java;
new revision: 1.33; previous revision: 1.32
Checking in modules/openejb-builder/src/schema/openejb-jar.xsd;
new revision: 1.20; previous revision: 1.19

> Provide Default For EJB Web Service HTTP Basic Realm Name
> ---------------------------------------------------------
>
>          Key: GERONIMO-676
>          URL: http://issues.apache.org/jira/browse/GERONIMO-676
>      Project: Geronimo
>         Type: Improvement
>   Components: webservices
>     Versions: 1.0-M3
>     Reporter: Aaron Mulder
>     Assignee: David Jencks
>      Fix For: 1.0-M5

>
> If you make a web service out of a Session Bean, the openejb-jar.xml web-service-security settings include:
> security realm name
> realm name
> transport guarantee
> auth method
> The "realm name" appears to be used in the challenge for HTTP Basic authentication, as in "Please provide username and password for 'foo'" where 'foo' is the realm name.  Of course this is all automatic in web services, so the realm name is most likely irrelevant -- the client computer will probably submit the same username and password to the server no matter what realm is used in the challenge.  However, when configuring the web container for HTTP Basic auth, we need to provide a realm name.
> So the point of this issue is, let's default the realm name to "Geronimo Web Service" or some such, and make this element optional.  Since it's likely useless, it would be ideal if the user only had to provide it if for some reason it was necessary in their scenario.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

[jira] Updated: (GERONIMO-676) Provide Default For EJB Web Service HTTP Basic Realm Name

Posted by "David Jencks (JIRA)" <de...@geronimo.apache.org>.

     [ http://issues.apache.org/jira/browse/GERONIMO-676?page=all ]

David Jencks updated GERONIMO-676:
----------------------------------

    Fix Version: 1.0-M5

> Provide Default For EJB Web Service HTTP Basic Realm Name
> ---------------------------------------------------------
>
>          Key: GERONIMO-676
>          URL: http://issues.apache.org/jira/browse/GERONIMO-676
>      Project: Geronimo
>         Type: Improvement
>   Components: webservices
>     Versions: 1.0-M3
>     Reporter: Aaron Mulder
>     Assignee: David Jencks
>      Fix For: 1.0-M5

>
> If you make a web service out of a Session Bean, the openejb-jar.xml web-service-security settings include:
> security realm name
> realm name
> transport guarantee
> auth method
> The "realm name" appears to be used in the challenge for HTTP Basic authentication, as in "Please provide username and password for 'foo'" where 'foo' is the realm name.  Of course this is all automatic in web services, so the realm name is most likely irrelevant -- the client computer will probably submit the same username and password to the server no matter what realm is used in the challenge.  However, when configuring the web container for HTTP Basic auth, we need to provide a realm name.
> So the point of this issue is, let's default the realm name to "Geronimo Web Service" or some such, and make this element optional.  Since it's likely useless, it would be ideal if the user only had to provide it if for some reason it was necessary in their scenario.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira