3 Replies Latest reply on Feb 14, 2006 12:29 PM by thomas.diesler

securing JAR-RPC 1.1 endpoints

new4jboss Jan 31, 2006 1:04 PM

Hello,

I've searched but found no reference on how to specify declarative access control for POJO endpoints. Apparently, authorization would be specified at the url level as in normal servlets, but that would involve knowing how the wsdl operation map to the urls, which I don't know. Furthemore, I need a portable way to do it and I believe ws4ee 1.1 is silent on this.

Can anyone help me on this ?

Thanks

1. Re: securing JAR-RPC 1.1 endpoints

thomas.diesler Feb 6, 2006 7:16 AM (in response to new4jboss)

http://wiki.jboss.org/wiki/Wiki.jsp?page=WSSecureEndpoint
Actions
2. Re: securing JAR-RPC 1.1 endpoints

new4jboss Feb 6, 2006 1:22 PM (in response to new4jboss)

Thanks for answering Thomas, but I've already been through that link. It only applies to SLSB though, which is not my problem. Are you saying that to have declarative security in a ws4ee portable way , I should use SLSB endpoints instead of JAX-RPC ones ?

Thanks
Actions
3. Re: securing JAR-RPC 1.1 endpoints

thomas.diesler Feb 14, 2006 12:29 PM (in response to new4jboss)

You can have the same declarative security in web.xml for java service endpoints (JSE). Securing a JSE is no different to securing a webapp.
Actions

Go to original post