Is it possible to secure jUDDI Registry in JBoss ESB ?
Issue
- The
Chapter 19.9ofESB Services Guide[1] describes how to secure the jUDDI Registry with anJBossAuthenticator, but configuration is not possible in SOA-P 5.x version due to the fact that the proposed authenticator class is not available in the distribution. Same problem exists with the steps described inSecuring the Service Registrychapter ofAdministration Guide[2] . - The default configuration of jUDDI Registry poses a security leak, since the API to bind services to the registry is publicly available through the JNDI Tree. Apart from that, the pre-configured
JUDDIAuthenticatordoes not provide any security, since it does no real authentication. So, the obvious question arises, how to secure jUDDI Registry in JBoss ESB.
Is there a way to do it?
[1] https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_SOA_Platform/5/html/ESB_Services_Guide/Configure_JBoss_Authentication2.html
[2] https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_SOA_Platform/5/html/Administration_Guide/chap-Securing_the_Service_Registry.html#Configure_JBoss_Authentication2
Environment
- Red Hat JBoss SOA Platform (SOA-P)
- 5.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
