Should the <globals> configuration be placed in every jboss-esb.xml when applying SOA 5.3.1 Roll-up patch #1 ?

Solution Verified - Updated -

Issue

  • I am trying to apply the security patch BZ-915386, in which the last part of the README.txt mentioned to change jboss-esb.xml file:
Additional notes:
This patch introduces changes to CXF that cause target web services invoked by
SOAPClient, that are deployed on SOA-P, to be more restrictive. 
The target web services used to behave in a more lenient way towards requests
that had a SOAPAction header and no named action.  This previously lenient
behavior is now more restrictive-- a proper name will be required.  This can
be seen in the webservice_consumer1 and webservice_consumer2 quickstarts when
used with CXF.  Customers adversely affected by this change are advised to
please open a support ticket, Red Hat will assist.  We regret any
inconvenience our more strict adherence to spec may cause.

In order to enable WS-Security with this patch applied, you must use the
global 
<war-security> configuration element at the beginning of the jboss-esb.xml
file.
For example:

<jbossesb ...>
    <globals>
        <war-security domain="JBossWS" />
    </globals>
    ...
</jbossesb>
  • Should the <globals> tag be placed in every jboss-esb.xml file or only the web service related esb's? For instance, should the jbossesb.esb, slsb.esb, smooks.esb, soap.esb be updated with the <globals> tag?

Environment

  • JBoss Enterprise SOA Platform (SOA-P)
    • 5.3.1

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content