next up previous
Next: Configuration Up: Axis Authorization Handler Previous: Axis Authorization Handler

Internal structure

The Axis Authorization Handler needs to communicate with one instance of Authorization Manager, since it delegates to that instance all authorization decisions. The current deployment model uses one instance of Authorization Manager for each web application. This single instance is shared among the Authorization Handler, the Administration GUI and any other program belonging to the web application that needs to use the Authorization Manager API.
The Authorization Handler can be placed in the <requestFlow> section of a particular service, to protect only that service, or in the <globalConfiguration> section, to protect all services defined in the web application.



2004-05-05