Using the Default Application Router
5-4 Oracle WebLogic Server SIP Container Developer’s Guide
a unique key and annotate that method with SipApplicationKey. When the SIP container selects that application for example, as a result of the AR choosing it for an
initial request, it obtains a key using the annotated method, and uses the key and application name to determine if the SipApplicationSession exists. If one exists,
the container associates the new request with the existing session, rather than generating a new session.
See section 15 in the SIP Servlet Specification v1.1 http:jcp.orgenjsrdetail?id=289
for more information about using session key-based targeting.
Note: If you develop a spiral proxy application using this targeting
mechanism, and the application modifies the record-route more than once, it must generate different keys for the initial request, if
necessary, when processing record-route hops. If it does not, then the application cannot discriminate record-route hops for subsequent
requests.
Securing SIP Servlet Resources 6-1
6
Securing SIP Servlet Resources
The chapter describes how to apply security constraints to SIP Servlet resources when deploying to WebLogic Server, in the following sections:
■
Section 6.1, Overview of SIP Servlet Security
■
Section 6.2, Triggering SIP Response Codes
■
Section 6.3, Specifying the Security Realm
■
Section 6.4, Role Mapping Features
■
Section 6.5, Using Implicit Role Assignment
■
Section 6.6, Assigning Roles Using security-role-assignment
■
Section 6.7, Assigning run-as Roles
■
Section 6.8, Role Assignment Precedence for SIP Servlet Roles
■
Section 6.9, Debugging Security Features
■
Section 6.10, weblogic.xml Deployment Descriptor Reference