Next: Configuration
Up: Axis Authorization Handler
Previous: Axis Authorization Handler
The Axis Authorization Handler needs to communicate with one instance of
Authorization Manager, since it delegates to that instance all authorization
decisions.
The current deployment model uses one instance of Authorization Manager
for each web application. This single instance is shared among the
Authorization Handler, the Administration GUI and any other program belonging
to the web application that needs to use the Authorization Manager API.
The Authorization Handler can be placed in the <requestFlow> section
of a particular service, to protect only that service, or in the
<globalConfiguration> section, to protect all services defined in
the web application.
2004-05-05