-
2. Re: WSIT
I did. I also found the following paragraph to be a sadly untrue:
The JBossWS-Metro source distribution comes with some samples using X.509 certificate signature and encryption as well as Username Token Profile. You can find them in package org.jboss.test.ws.jaxws.samples.wsse
There were a bunch of tests that ran and claimed to pass on install of metro, but the wsse sample wasn't there.
The page you directed me to wasn't exactly an in-depth step by step on getting WSIT working under JBoss. In fact, following the link to https://jax-ws.dev.java.net/guide/Configuring_Security_Using_NetBeans_IDE.html was exactly how I got my glassfish example working. I tried adding a RealmAuthenticator as well, but to be honest, I'm not even sure what that was supposed to be accomplishing.
What I really need are step by step instructions on moving from the linked example that worked in glassfish to a working version on JBoss. I imagine I'm missing something pretty basic, but I just can't find any starter information that doesn't assume I'm already a JBoss expert. Because I'm certainly not.
Thanks for getting back to me. Any more help you can bring would be greatly appreciated. -
3. Re: WSIT
Hi! I've been using the Metro stack from some time ago till now with many of the WS specs, having good results (including .NET interop) in some tests and not so in other. Fortunatelly, I can tell that WS-Security with X.509 certificates the stack works well in JBoss. I used the NetBeans IDE to develop the service and then deployed it on JBoss after solving some deployment issues.
Could you please be more specific with your problem?
Cheers
Guzman -
4. Re: WSIT
First of all, this might sound obvious, but make sure you correctly installed JBossWS-Metro. Words can be quite misleading, but when you say "..claimed to pass on install of metro" I'm not that sure you actually meant JBossWS-Metro. Forget this if I'm wrong ;-)
"nslager" wrote:
I did. I also found the following paragraph to be a sadly untrue:The JBossWS-Metro source distribution comes with some samples using X.509 certificate signature and encryption as well as Username Token Profile. You can find them in package org.jboss.test.ws.jaxws.samples.wsse
There were a bunch of tests that ran and claimed to pass on install of metro, but the wsse sample wasn't there.
The tests are there; since these are JBossWS-Metro specific tests (WS-Security is used different way in JBossWS-Native), you'll find them in the source distribution only. Perhaps you checked the binary distribution only. Otherwise look at fisheye: http://fisheye.jboss.org/browse/JBossWS/stack/metro/trunk/modules/testsuite/metro-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsseI tried adding a RealmAuthenticator as well, but to be honest, I'm not even sure what that was supposed to be accomplishing.
That class is required because Metro was originally meant to be used with Glassfish, so an external authenticator is required to work with JBoss. -
5. Re: WSIT
hi alessio,
thanks for your reply. it is especially valuable, because you are the author of org.jboss.test.ws.jaxws.samples.wsse.RealmAuthenticator and all the other sample classes that come bundled with the metro source distro:That class [RealmAuthenticator] is required because Metro was originally meant to be used with Glassfish, so an external authenticator is required to work with JBoss.
i am very grateful for your comments in this thread. i am also very grateful that you have made the sample source code available.
i take your word for it, that RealmAuthenticator is required. however, there are a lot of things regarding that class - in both in the jboss documentation and in the glassfish documentation - that still is not obvious. even after i've read it and tried (and failed) to implement it over and over dozens of times!
* is it also required, for example, that a user with username "kermit" (taking your example) be created as a user in jboss?
* or, is RealmAuthenticator just a no-op kind of placeholder? only there because jboss needs any RealmAuthenticator implementation - regardless of whether it does anything meaningful?
* am i correct to assume that every caller of our service is required to have a username in our system?
thanks in advance for your reply.
