2 Replies Latest reply on Jun 7, 2005 9:28 AM by kit1078

Specifying security credentials for and Axis - EJB call

jason.greene Jun 6, 2005 6:54 PM

This forum is for J2EE Web Serivces not JBoss.NET (the 3.x versions of web services), and not axis.

-Jason

1. Re: Specifying security credentials for and Axis - EJB call

kit1078 Jun 7, 2005 4:51 AM (in response to jason.greene)

I have similar problem.

I created session EJB's endpoint and exposed it. EJB was successfully deployed and corresponding web service was accessible to clients.

Then I created simple jax-rpc client using dynamic proxies and tried to access that WS. I specified username and password as it is said in the "Java? API for XML-based RPC 1.1" specification. Following is a code snippet from the client:

final QName qname = new QName("http://kit.test/ws4j2ee/ejb/test", "MyTestService");
final ServiceFactory factory = ServiceFactory.newInstance();
final Service service = factory.createService(mwe URL("http://localhost:8080/test-ejb/TestService?wsdl"), qname);
final TestService ts = (TestService) service.getPort(TestService.class);

final javax.xml.rpc.Stub stub = (javax.xml.rpc.Stub) ts;
stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY, "guest");
stub._setProperty(javax.xml.rpc.Stub.PASSWORD_PROPERTY, "pwd");

System.out.println("calling method 'testMethod' with value " + argument);
System.out.println("web service response: " + ts.testMethod(Integer.parseInt(argument)));

I also configured security domain in the login-config.xml and tried to invoke the client. And I got the following in the server log:

2005-06-07 12:24:22,404 DEBUG [org.jboss.webservice.server.ServiceEndpointServletEJB] doGet: http://localhost:8080/test-ejb/TestService?wsdl
2005-06-07 12:24:22,404 DEBUG [org.jboss.webservice.server.ServiceEndpointServletEJB] Set transport.url=/test-ejb/TestService
2005-06-07 12:24:22,404 DEBUG [org.jboss.webservice.server.ServiceEndpointServletEJB] Process wsdl request
2005-06-07 12:24:23,816 DEBUG [org.jboss.webservice.server.ServerEngine] invoke: org.apache.axis.MessageContext@908faf
2005-06-07 12:24:23,816 DEBUG [org.jboss.webservice.server.ServerEngine] TransportHandler: http
2005-06-07 12:24:23,816 DEBUG [org.jboss.webservice.server.InvokerProviderEJB] makeNewServiceObject: class=kit.test.ws4j2ee.TestService
2005-06-07 12:24:23,816 DEBUG [org.jboss.webservice.server.InvokerProviderEJB] Invoke EJB: public abstract int kit.test.ws4j2ee.TestService.testMethod(int) throws java.rmi.RemoteException
2005-06-07 12:24:23,826 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for username=null
2005-06-07 12:24:23,826 DEBUG [org.jboss.ejb.plugins.LogInterceptor] SecurityException in method: public abstract int kit.test.ws4j2ee.TestService.testMethod(int) throws java.rmi.RemoteException:
javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
 at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:160)
 at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:124)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke

.....

As it follows from the log, the login module was invoked but it was provided with 'null' username and password.

Can anybody tell me how I can make it work? I'm using JBoss 4.0.1 sp1.

Thanks,
Alexey.

2. Re: Specifying security credentials for and Axis - EJB call

kit1078 Jun 7, 2005 9:28 AM (in response to jason.greene)

Now I set up HTTP basic authentication for the endpoint (in jboss.xml) and tried again. And I got 401 HTTP error code (unauthorized).
Actions

Go to original post