"goldrimtang" wrote:

"goldrimtang" wrote:

"goldrimtang" wrote:
Hello,

I have set up one method of an stateless session bean as a web service. It all goes well when called from an axis client. The problem comes when calling it from a C# client. Yet, the errors are somewhat odd and I'm not sure that the client is the one to blame:

1) The first issue is when calling the webservice for the first time. I can't do this with the C# client. If the very first call comes from it, I get:

dotnet:

[exec] Unhandled Exception: System.Web.Services.Protocols.SoapException: Access denied.
[exec] at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
[exec] at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
[exec] at UserSessionService.getUserWS(Int32 in0) in c:\bop\build\ws\cs\bettyWSTest.cs:line 38
[exec] at DotNetWSTest.Main(String[] args) in c:\bop\build\ws\cs\DotNetWSTest.cs:line 13

BUILD FAILED
file:c:/bop/build.xml:622: exec returned: -532459699

But as soon as I make a call from a Java/Axis client, subsequent calls from the C# client go well. This make me think that there's something wrong with the server. How can it accept calls from C# clients only after been called from an Axis client and never before?

2) When calling the webservice from the C# client, I can't call context.getCallerPrincipal().getName(); without getting an exception:

11:01:26,675 ERROR [LogInterceptor] RuntimeException:
java.lang.SecurityException: No security context set
at com.sapienter.betty.server.user.WSMethodSecurityProxy.invoke(WSMethodSecurityProxy.java:78)
at org.jboss.ejb.plugins.SecurityProxyInterceptor.invoke(SecurityProxyInterceptor.java:165)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:185)

No problems when calling from the Axis client. The interesting thing is that the call is being authenticated by Jboss, meaning that if the username/password in the credentials of the C# code are invalid, I would get and 'Access denied' response from the server. In other words, if I don't have a call to context.getCallerPrincipal().getName() the authentication is performed properly and all goes well. So basically what I'm getting is that the Principal is not being set only when a call from C# comes.

This is the C# code for the client:

using System;
using System.Net;

public class DotNetWSTest {
public static void Main(String[] args) {
UserSessionService service = new UserSessionService();
NetworkCredential cre = new NetworkCredential();
cre.UserName = "root";
cre.Password = "dddd";
service.PreAuthenticate = true;
service.Credentials = cre;

UserWS result = service.getUserWS(9);
Console.WriteLine("result = " + result.language);
Console.WriteLine("result credit card name = " + result.creditCard.name);
}
}

The method exposed as a web service:

/**
* @ejb.permission unchecked="true"
*
* @jboss-net.web-service urn="billing"
* @jboss-net.authentication domain="betty"
* validate-unauthenticated-calls="true"
* @jboss-net.authorization domain="betty"
* roles-allowed="1,2"
* roles-denied="3,4,5"
* @jboss.security-proxy name="com.sapienter.betty.server.user.WSMethodSecurityProxy"
*/

.... class declaration ...

/**
* @ejb:interface-method view-type="remote"
* @jboss-net.web-method
* @jboss-net.wsdd-operation returnQName="UserInfo"
*/
public UserWS getUserWS(Integer userId)
throws SessionInternalError{
UserWS dto = null;
// calling from dot.net seems to not have a context set. So then when calling
// getCallerPrincipal the client gets a 'No security context set' exception
// log.debug("principal = " + context.getCallerPrincipal().getName());
try {
UserBL bl = new UserBL(userId);
dto = bl.getUserWS();
} catch (Exception e) {
throw new SessionInternalError(e);
}

return dto;
}



I am using Jboss 3.2.3 with tomcat, and the latest version of .NET SDK

Thanks very much in advance! Any help is appreciated,