Is it possible to secure jUDDI Registry in JBoss ESB ?

Solution Unverified - Updated -

Issue

  • The Chapter 19.9 of ESB Services Guide [1] describes how to secure the jUDDI Registry with an JBossAuthenticator , but configuration is not possible in SOA-P 5.x version due to the fact that the proposed authenticator class is not available in the distribution. Same problem exists with the steps described in Securing the Service Registry chapter of Administration Guide [2] .
  • The default configuration of jUDDI Registry poses a security leak, since the API to bind services to the registry is publicly available through the JNDI Tree. Apart from that, the pre-configured JUDDIAuthenticator does not provide any security, since it does no real authentication. So, the obvious question arises, how to secure jUDDI Registry in JBoss ESB.
    Is there a way to do it?

[1] https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_SOA_Platform/5/html/ESB_Services_Guide/Configure_JBoss_Authentication2.html
[2] https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_SOA_Platform/5/html/Administration_Guide/chap-Securing_the_Service_Registry.html#Configure_JBoss_Authentication2

Environment

  • Red Hat JBoss SOA Platform (SOA-P)
    • 5.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In