Corporation Server User Manual
Configuring Application Security
Advanced SIP Servlet Configuration 3-5
If a SIP client sends a REGISTER request to a server configured as illustrated in
Example 3–4, then a 401 (Unauthorized) message is returned to the client. If the
authentication succeeds, then the roles of the user are checked against the role names
set in the <auth-constraint>.
Example 3–4 Configuring Security Constraints
<security-constraint>
  <display-name>MyServlet Security Constraint</display-name>
  <resource-collection>
    <resource-name>MyServletResource</resource-name>
    <description>Securing MyServlet</description>
    <servlet-name>MyServlet</servlet-name>
    <sip-method>REGISTER</sip-method>
  </resource-collection>
  <auth-constraint>
    <role-name>Location Service</role-name>
  </auth-constraint>
</security-constraint>
If the user re-sends the REGISTER request, which is subsequently authenticated, then
the container checks the roles of the user against the required Location
Service role. A 403 Response (Forbidden) message is sent if the user does not have the
appropriate role.
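
The decision flow described above, as an added example that is not part of the original manual or the container's own code: a Python model that parses the constraint from Example 3–4 and returns the response the text describes for a given request. The function names, the way roles are passed in, and the treatment of an empty method list as "all methods" are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Constraint from Example 3-4, wrapped in a root element so it parses stand-alone.
SIP_XML = """<sip-app><security-constraint>
  <display-name>MyServlet Security Constraint</display-name>
  <resource-collection>
    <resource-name>MyServletResource</resource-name>
    <description>Securing MyServlet</description>
    <servlet-name>MyServlet</servlet-name>
    <sip-method>REGISTER</sip-method>
  </resource-collection>
  <auth-constraint><role-name>Location Service</role-name></auth-constraint>
</security-constraint></sip-app>"""

def load_rules(xml_text):
    """Return one (servlet names, SIP methods, required roles) rule per resource collection."""
    rules = []
    for sc in ET.fromstring(xml_text).iter("security-constraint"):
        auth = sc.find("auth-constraint")
        if auth is None:
            continue  # no <auth-constraint>: nothing to authenticate or authorize
        roles = {r.text.strip() for r in auth.iter("role-name")}
        for rc in sc.iter("resource-collection"):
            servlets = {s.text.strip() for s in rc.iter("servlet-name")}
            methods = {m.text.strip().upper() for m in rc.iter("sip-method")}
            rules.append((servlets, methods, roles))
    return rules

def decide(rules, servlet, method, user_roles=None):
    """Return 401, 403, or None when the request is passed on to the servlet.

    user_roles is None for a request that has not been authenticated,
    otherwise the set of roles held by the authenticated user.
    """
    for servlets, methods, roles in rules:
        if servlet not in servlets:
            continue
        # Assumption: an empty method list means the rule covers every method.
        if methods and method.upper() not in methods:
            continue
        if user_roles is None:
            return 401  # challenge the client; it re-sends with credentials
        if not roles & set(user_roles):
            return 403  # authenticated, but lacks the required role
    return None

RULES = load_rules(SIP_XML)
```

Because Example 3–4 lists only REGISTER in <sip-method>, the model passes other methods sent to MyServlet (INVITE, for instance) straight through; add a <sip-method> entry for each method that should be protected.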