Provide Default For EJB Web Service HTTP Basic Realm Name
---------------------------------------------------------
Key: GERONIMO-676
URL: http://issues.apache.org/jira/browse/GERONIMO-676
Project: Geronimo
Type: Improvement
Components: webservices
Versions: 1.0-M3
Reporter: Aaron Mulder
Assigned to: David Jencks
If you make a web service out of a Session Bean, the openejb-jar.xml
web-service-security settings include:
security realm name
realm name
transport guarantee
auth method
The "realm name" appears to be used in the challenge for HTTP Basic
authentication, as in "Please provide username and password for 'foo'" where
'foo' is the realm name. Of course this is all automatic in web services, so
the realm name is most likely irrelevant -- the client computer will probably
submit the same username and password to the server no matter what realm is
used in the challenge. However, when configuring the web container for HTTP
Basic auth, we need to provide a realm name.
So the point of this issue is, let's default the realm name to "Geronimo Web
Service" or some such, and make this element optional. Since it's likely
useless, it would be ideal if the user only had to provide it if for some
reason it was necessary in their scenario.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
