-
1. Re: JBoss.NET Authentication
essington Nov 7, 2002 4:41 PM (in response to cpairot)Hi Carles
you can get service level control of the security domain by adding the JBossAuthenticationHandler to the services request chain in the web-service.xml file like so
<!-- change this to the policy you want -->
I think you have to comment out the JBossAuthenticationHandler in the axis-config.xml file though.
There are xDoclet tags for this and the JBossAuthorizationHandler in the cvs version of jboss. I haven't managed yet to submit a patch to the xDoclet guys, so you would have to add the classes in and recompile xdoclet yourself for now.
* @jboss-net.web-service
* urn="MyService"
* scope="Session" <- or "Application" or "Request"
* expose-all="true"
*
* @jboss-net.authentication
* domain="myPolicy"
*
* @--jboss-net.authorization <-- hidden from xDoclet in this example
* domain="myPolicy"
* allowed-roles="admin,manager"
* denied-roles="user"