Oracle Server E10293-02 Manuel d'utilisateur télécharger pdf (Page 41)

Configuring Application Security

Advanced SIP Servlet Configuration 3-5

If a SIP client sends a REGISTER request to a server as illustrated in Example 3–4, then

a 401 (Unauthorized) message is returned to the client. If the authentication succeeds,

then the roles of the user are checked against the role names set in the

<auth-constraint>.

Example 3–4 Configuring Security Constraints

<security-constraint>

<display-name>MyServlet Security Constraint</display-name>

<resource-collection>

<resource-name>MyServletResource</resource-name>

<description>Securing MyServlet</description>

<servlet-name>MyServlet</servlet-name>

<sip-method>REGISTER</sip-method>

</resource-collection>

<auth-constraint>

<role-name>Location Service</role-name>

</auth-constraint>

</security-constraint>

If the user re-sends the REGISTER request which is subsequently authenticated, then

then the container checks the roles of the user against the required Location

Service role. A 403 Response (Forbidden) message is sent if the user does not have the

appropriate role.

1 2 ... 36 37 38 39 40 41 42 43 44 45 46 ... 107 108

Pas de commentaire

Oracle Server E10293-02 Manuel d'utilisateur Page 41