ESB Services Guide describes how to secure the jUDDI Registry with an
JBossAuthenticator, but configuration is not possible in SOA-P 5.x version due to the fact that the proposed authenticator class is not available in the distribution. Same problem exists with the steps described in
Securing the Service Registrychapter of
Administration Guide .
- The default configuration of jUDDI Registry poses a security leak, since the API to bind services to the registry is publicly available through the JNDI Tree. Apart from that, the pre-configured
JUDDIAuthenticatordoes not provide any security, since it does no real authentication. So, the obvious question arises, how to secure jUDDI Registry in JBoss ESB.
Is there a way to do it?
- Red Hat JBoss SOA Platform (SOA-P)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.