此内容没有您所选择的语言版本。

10.20. Further HTTP Gateway Security

To force an end-point to use a log-in, utilise the <protected-methods> and <allowed-roles> sections of a <http-bus> configuration file:

<http-bus busid="secureSalesDeletes">
    <allowed-roles>
        <role name="friend" />
    </allowed-roles>
    <protected-methods>
        <method name="DELETE" />
    </protected-methods>
</http-bus>

<http-bus busid="secureSalesDeletes">
    <allowed-roles>
        <role name="friend" />
    </allowed-roles>
    <protected-methods>
        <method name="DELETE" />
    </protected-methods>
</http-bus>

Copy to Clipboard

Toggle word wrap

The above configuration stipulates that a valid "friend" log-in is required for delete requests made on the "secureSalesDeletes" bus.

The following log-in matrix tries to illustrate which configurations will enforce a log-in, and when.

Expand

Table 10.15.
Methods Specified	Roles Specified	Log-in Required
No	No	No
No	Yes	For All Methods
Yes	Yes	For Specified Methods Only
Yes	No	No. Specified methods blocked to all.

Configure the authentication method and security domain from within the <war-security> configuration's <globals> element:

<http-provider name="http">
    <http-bus busid="secureFriends">
        <allowed-roles>
            <role name="friend" />
        </allowed-roles>
        <protected-methods>
            <method name="DELETE" />
        </protected-methods>
    </http-bus>

    <auth method="BASIC" domain="java:/jaas/JBossWS" />
</http-provider>

<http-provider name="http">
    <http-bus busid="secureFriends">
        <allowed-roles>
            <role name="friend" />
        </allowed-roles>
        <protected-methods>
            <method name="DELETE" />
        </protected-methods>
    </http-bus>

    <auth method="BASIC" domain="java:/jaas/JBossWS" />
</http-provider>

Copy to Clipboard

Toggle word wrap

The method attribute can be one of "BASIC" (default), "CLIENT-CERT" or "DIGEST".

You can configure the HTTP Transport Guarantee on a per http-bus basis by specifying it on the bus using the "transportGuarantee" attribute.

<http-bus busid="secureFriends" transportGuarantee="CONFIDENTIAL">
    <!-- etc etc -->
</http-bus>

<http-bus busid="secureFriends" transportGuarantee="CONFIDENTIAL">
    <!-- etc etc -->
</http-bus>

Copy to Clipboard

Toggle word wrap

The valid values for transportGuarantee are "CONFIDENTIAL", "INTEGRAL" and "NONE".

复制链接

Report a bug

返回顶部

此内容没有您所选择的语言版本。

10.20. Further HTTP Gateway Security

复制链接

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

此内容没有您所选择的语言版本。

10.20. Further HTTP Gateway Security

复制链接链接已复制到粘贴板!

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

复制链接