next up previous
Next: Axis Authorization Handler Up: Configuration Previous: Configuration

Example of a complete configuration file

Here it follows an example of a configuration file for the Authorization Filter.
# Parameters of the AuthorizationFilter

# Pathname to the Authorization Manager policy configuration file.
authzManagerConfig=/var/tomcat4/conf/myWebService/AuthzManagConf.xml

# Name of the XML element in the Authorization Manager 
# configuration file that contains the Authorization Manager
# definition. Default is "null", meaning the root element.
#authzManagerConfigElement=

# Configuration file for logging (via Jakarta Log4j).
# The output file for the logging messages and the amount of logging 
# info is set there. 
log4jConfigFile=/var/tomcat4/conf/log4j.conf

# Flag to indicate if logging information must be very short.
# Default is "no".
#IsSilent=

# Default policy of the AuthorizationFilter.
# Policy to be used when the ServletRequest does not specify any 
# policy requested by the user. Default is "null".
DefaultPolicy=GridPolicy 

# Parameter within the ServletRequest containing the 
# role requested by the user. Default is "user_role".
RoleParameterName=role

# Parameter within the ServletRequest containing the 
# policy requested by the user. Default is "auth_policy".
PolicyParameterName=policy

# Parameter that can not be used in the servlet request.
# The AuthorizationFilter writes the result of the authorization 
# decision in this parameter. If the parameter is already present the 
# servlet request is immediately terminated.
# Default is "connection".
#DeniedURLParameter=

# The format of the servlet response in the case of failed authorization.
# Default is "HTTP". Alternative value is "XML".
#FailureFormat=

# Define a specific ServletRequestWrapper for the manipulation of the 
# request object passed forward through the AuthorizationFilter. 
# Default is "org.edg.security.authorization.ServletRequestWrapper".
#RequestWrapperClass=

# Role authorized to change the configuration of the Authorization Manager. 
# If the user can not be associated to such a role they cannot
# administer the Authorization Manager.
# Default is "Administrator"
#AuthorizedRole=

# Policy used to authorize the user who wants to change the configuration
# of the Authorization Manager. 
# If the user can not be authorized within this policy they cannot
# administer the Authorization Manager.
# Default is "adminPolicy"
#AuthorizedPolicy=
This configuration file defines:



2004-07-02