3. Re: anyone know the Username and Password for accessing the
sthalkidis Mar 7, 2006 4:06 AM (in response to zoolai)
Did you try with username the name of the keystore and password the password of the keyword?
Actually I have deployed a Stateless Session Bean as a Web Service Endpoint over http and not https. I am trying to protect the wsdl file from unauthenticated access because examining the wsdl file can help in starting a Web Service Security related attack. Could you explain to me how you achieved it that authentication is required before seeing the wsdl file?
Thanks in advance,
Spyros Halkidis
4. Re: anyone know the Username and Password for accessing the
sthalkidis Mar 7, 2006 1:43 PM (in response to zoolai)
keyword --> keystore
5. Re: anyone know the Username and Password for accessing the
zoolai Mar 13, 2006 1:43 PM (in response to zoolai)
Folks, thanks for the replies to this issue.
I was able to get the SSL EJB endpoint to work by storing the generated .wsdl file at a separate url (a regular HTTP url) and accessing it from there in order to create my Service object. In this way, I avoided the realm authentication problems.
Then I created my Call object, using the proper SSL information and injected the realm credentials into its HTTP header just before executing the invoke() method:
call.setUsername(HTTPS_AUTH_USERID);
call.setPassword(HTTPS_AUTH_PASSWD);
Hope this helps.
I'm also experimenting with injecting the credentials into the initial Service object's HTTP header (to avoid storing the .wsdl file at a separate location) but no joy so far.
6. Re: anyone know the Username and Password for accessing the
zoolai Mar 13, 2006 1:57 PM (in response to zoolai)
By the way, the realm credentials I mentioned above have nothing to do with the SSL keystore information - these credentials have to be defined in the EJB config files (in \server\xxx\conf\props\*.properties) and directly in the bean's xdoclet code:
e.g.
@ejb.security-role-ref
role-name="JBossAdmin"
@ejb.security-identity
description="The Manager"
run-as="administrator"
@ejb.permission
role-name="JBossAdmin"