0 Replies Latest reply on Aug 19, 2004 4:42 AM by serjik

    JBossAuthorisationHandler - AccessDenied Exception

    serjik

      Hi,

      I use JBoss 3.2.3. I wrote a simple web service and a simple client in Java. And I want to protect my service using application's realm, so I added Jboss authentification and autorisation handlers to my service. When I deploy my application (ear containing war and wsr) for the first time - I get the "Access Denied" exception from JBoss autorisation handler. When I deploy for the second time my application - everything works fine.

      Any Ideas ?

      My web-services.xml :

      <deployment
       xmlns="http://xml.apache.org/axis/wsdd/"
       xmlns:xsi="http://www.w3.org/2000/10/XMLSchema-instance"
       xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
      
       <service name="TariffService" provider="java:RPC">
       <parameter name="className" value="TariffService"/>
       <parameter name="allowedMethods" value="getTariff"/>
      
       <requestFlow name="TariffServiceRequest">
       <handler type="java:org.jboss.net.axis.server.JBossAuthenticationHandler">
       <parameter name="securityDomain" value="java:/jaas/pilot"/>
       <parameter name="validateUnauthenticatedCalls" value="false"/>
       </handler>
       <handler type="java:org.jboss.net.axis.server.JBossAuthorizationHandler">
       <parameter name="securityDomain" value="java:/jaas/pilot"/>
       <parameter name="allowedRoles" value="user"/>
       <parameter name="deniedRoles" value=""/>
       </handler>
       </requestFlow>
       <responseFlow name="TariffServiceResponse">
       </responseFlow>
       </service>
      
      </deployment>
      



      My web service:
      public class TariffService
      {
       public int getTariff(String type)
       {
       System.out.println("Tariff service invoked: type='" + type + "'");
       int result = 0;
       if( type.equalsIgnoreCase("AUTO") )
       {
       result = 350;
       }
       else if( type.equalsIgnoreCase("HABITATION") )
       {
       result = 250;
       }
       else if( type.equalsIgnoreCase("LIFE") )
       {
       result = 200;
       }
       return result;
       }
      }
      
      


      Thanks for your help,
      Serghei.