Should the <globals> configuration be placed in every jboss-esb.xml when applying SOA 5.3.1 Roll-up patch #1 ?
Issue
- I am trying to apply the security patch BZ-915386, in which the last part of the
README.txtmentioned to changejboss-esb.xmlfile:
Additional notes:
This patch introduces changes to CXF that cause target web services invoked by
SOAPClient, that are deployed on SOA-P, to be more restrictive.
The target web services used to behave in a more lenient way towards requests
that had a SOAPAction header and no named action. This previously lenient
behavior is now more restrictive-- a proper name will be required. This can
be seen in the webservice_consumer1 and webservice_consumer2 quickstarts when
used with CXF. Customers adversely affected by this change are advised to
please open a support ticket, Red Hat will assist. We regret any
inconvenience our more strict adherence to spec may cause.
In order to enable WS-Security with this patch applied, you must use the
global
<war-security> configuration element at the beginning of the jboss-esb.xml
file.
For example:
<jbossesb ...>
<globals>
<war-security domain="JBossWS" />
</globals>
...
</jbossesb>
- Should the
<globals>tag be placed in everyjboss-esb.xmlfile or only the web service related esb's? For instance, should thejbossesb.esb,slsb.esb,smooks.esb,soap.esbbe updated with the<globals>tag?
Environment
- JBoss Enterprise SOA Platform (SOA-P)
- 5.3.1
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
