Should the <globals> configuration be placed in every jboss-esb.xml when applying SOA 5.3.1 Roll-up patch #1 ?

Solution Verified - Updated -

Issue

  • I am trying to apply the security patch BZ-915386, in which the last part of the README.txt mentioned to change jboss-esb.xml file:
Additional notes:
This patch introduces changes to CXF that cause target web services invoked by
SOAPClient, that are deployed on SOA-P, to be more restrictive. 
The target web services used to behave in a more lenient way towards requests
that had a SOAPAction header and no named action.  This previously lenient
behavior is now more restrictive-- a proper name will be required.  This can
be seen in the webservice_consumer1 and webservice_consumer2 quickstarts when
used with CXF.  Customers adversely affected by this change are advised to
please open a support ticket, Red Hat will assist.  We regret any
inconvenience our more strict adherence to spec may cause.

In order to enable WS-Security with this patch applied, you must use the
global 
<war-security> configuration element at the beginning of the jboss-esb.xml
file.
For example:

<jbossesb ...>
    <globals>
        <war-security domain="JBossWS" />
    </globals>
    ...
</jbossesb>
  • Should the <globals> tag be placed in every jboss-esb.xml file or only the web service related esb's? For instance, should the jbossesb.esb, slsb.esb, smooks.esb, soap.esb be updated with the <globals> tag?

Environment

  • JBoss Enterprise SOA Platform (SOA-P)
    • 5.3.1

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In