Release 10.1A: OpenEdge Application Server:
Administration

Role of the JSE

The WSA’s web.xml file can be set to tell the JSE that one or more of its URL paths require user authentication. When this is set, the JSE intercepts each HTTP request destined for that URL. For example, web.xml can be set so that users who try to access a WSA instance’s Web service application URL are authenticated and required to have the role WsaWebServicesUser. In fact, this is how security can be initialized during OpenEdge installation.

Note: The entries in web.xml are case-sensitive.

To continue the example, when the JSE intercepts an HTTP request destined for the WSA instance’s Web service application URL:

  1. The JSE performs HTTP Basic authentication using the user’s ID and password.

  2. If the user ID and password are valid, the JSE checks that the user ID has been granted access to the Role WsaWebServicesUser.

  3. If the user ID has been granted access, the JSE passes the HTTP request and the authenticated user ID to the WSA.

Copyright © 2005 Progress Software Corporation
 www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095