4 Replies Latest reply on Jun 27, 2006 12:59 PM by hkalkhoff

    JSR-181 EJB Endpoint with BASIC Authentication

    fheldt

      I'm currently switching an EJB WebService from JBoss.NET to JBossWS (4.0.4GA) using JSR-181/EJB3 and now I'm running into problems.

      The old JBoss.NET Version had a .NET Client which authenticates via BASIC Authentication (and it works btw).

      In the new JSR-181 Version I used the @PortComponent Annotation (with authMethod="BASIC"), but it doesn't work so far. The client is the same .NET program, only updated to the new wsdl. From server.log:

      2006-06-08 14:15:52,760 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: SELECT user_pass FROM Users WHERE UserID=? AND Expires>=CURRENT_DATE, with username: null
      ...
      
      2006-06-08 14:15:52,776 DEBUG [javax.xml.rpc.soap.SOAPFaultException] new SOAPFaultException [code={http://schemas.xmlsoap.org/soap/envelope/}Client,string=javax.ejb.EJBAccessException: Authentication failure,actor=null,detail=null]
      2006-06-08 14:15:52,776 ERROR [org.jboss.ws.jaxrpc.SOAPFaultExceptionHelper] SOAP request exception
      javax.ejb.EJBAccessException: Authentication failure
       at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:68)
       at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:71)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      ...
      


      The SessionBean:

      @Stateless
      @WebService(
       name="MyService",
       serviceName="MyService"
      )
      @SOAPBinding(
       style=SOAPBinding.Style.RPC,
       use=SOAPBinding.Use.LITERAL
      )
      @PortComponent(authMethod="BASIC")
      @SecurityDomain("myRealm")
      @RolesAllowed({"Admin", "Operator", "User"})
      public class WebServiceEJB implements WebServiceIf
      {
      ...
      }
      


      Any idea what's going wrong?



        • 1. Re: JSR-181 EJB Endpoint with BASIC Authentication
          thomas.diesler

          This should be fixed in jbossws-1.0.1

          • 2. Re: JSR-181 EJB Endpoint with BASIC Authentication
            alxs

             

            "thomas.diesler@jboss.com" wrote:
            This should be fixed in jbossws-1.0.1


            Since I ran into the same problem I wonder how I can figure out what version was installed with my jboss 4.0.4.GA and how I can upgrade to 1.0.1 or newer?

            Thanks,
            Alex

            • 3. Re: JSR-181 EJB Endpoint with BASIC Authentication
              hkalkhoff

              I am having a similar issue with JSR-191 EJB. The testRemoteAccess() test is successful, but the testWebService() fails.

              public void testRemoteAccess() throws Exception {
                  InitialContext iniCtx = getInitialContext();
                  YoRemoteInterface ejb3Remote = (YoRemoteInterface)iniCtx.lookup("/ejb3/YoEndpointInterface");

                  SecurityAssociation.setPrincipal(new SimplePrincipal("removed"));
                  SecurityAssociation.setCredential("removed");

                  String helloWorld = "dummy";
                  Object retObj = ejb3Remote.dummy();
                  assertEquals(helloWorld, retObj);
              }

              public void testWebService() throws Exception {
                  assertWSDLAccess();

                  InitialContext iniCtx = getInitialContext();
                  Service service = (Service)iniCtx.lookup("java:comp/env/service/Yo");
                  YoEndpointInterface port = (YoEndpointInterface)service.getPort(YoEndpointInterface.class);

                  Stub stub = (Stub)port;
                  stub._setProperty(Stub.USERNAME_PROPERTY, "removed");
                  stub._setProperty(Stub.PASSWORD_PROPERTY, "removed");

                  String helloWorld = "dummy";
                  Object retObj = port.dummy();
                  assertEquals(helloWorld, retObj);
              }

              ERROR:
              10:32:59,776 ERROR [RoleBasedAuthorizationInterceptor] Insufficient permissions, principal=null, requiredRoles=[admin], principalRoles=[]
              10:32:59,786 ERROR [SOAPFaultExceptionHelper] SOAP request exception
              javax.ejb.EJBAccessException: Authorization failure
              at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:104)
              at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
              at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:78)
              at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
              at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
              at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
              at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
              at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
              at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:181)
              at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:147)
              at org.jboss.ws.server.ServiceEndpointInvokerEJB3.invokeServiceEndpoint(ServiceEndpointInvokerEJB3.java:117)
              at org.jboss.ws.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:118)
              at org.jboss.ws.server.ServiceEndpoint.handleRequest(ServiceEndpoint.java:234)
              at org.jboss.ws.server.ServiceEndpointServlet.doPost(ServiceEndpointServlet.java:120)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
              at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
              at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
              at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
              at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
              at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
              at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
              at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
              at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
              at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
              at java.lang.Thread.run(Thread.java:595)
              Caused by: java.lang.SecurityException: Insufficient permissions, principal=null, requiredRoles=[admin], principalRoles=[]
              at org.jboss.aspects.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:150)
              at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:100)
              ... 33 more

              Any suggestions?

              • 4. Re: JSR-181 EJB Endpoint with BASIC Authentication
                hkalkhoff

                Installation of jbossws-1.0.1 on jbossas-4.0.4.GA resolved my issue:
                http://wiki.jboss.org/wiki/Wiki.jsp?page=JBWS101Install
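
Added example, not part of any post in this thread and not JBoss code: a small log triage script that separates the symptom both posters report (the security check ran with a null caller identity) from an ordinary role failure by a named caller. The function names and the last two sample lines are constructed for illustration; the first two sample lines are the ones quoted in the thread.

```python
import re

# The two security log shapes quoted in the thread.
LOGIN_QUERY = re.compile(
    r"\[(?P<logger>[\w.]*LoginModule)\].*with username: (?P<user>\S+)")
AUTHZ_FAIL = re.compile(
    r"\[(?P<logger>[\w.]*RoleBasedAuthorizationInterceptor)\] "
    r"Insufficient permissions, principal=(?P<user>[^,]+), "
    r"requiredRoles=\[(?P<required>[^\]]*)\], "
    r"principalRoles=\[(?P<held>[^\]]*)\]")

# Lines 1-2 are taken from the thread; lines 3-4 are constructed and
# assume a named principal is logged in the same format.
SAMPLE_LOG = """\
2006-06-08 14:15:52,760 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: SELECT user_pass FROM Users WHERE UserID=? AND Expires>=CURRENT_DATE, with username: null
10:32:59,776 ERROR [RoleBasedAuthorizationInterceptor] Insufficient permissions, principal=null, requiredRoles=[admin], principalRoles=[]
10:40:02,101 ERROR [RoleBasedAuthorizationInterceptor] Insufficient permissions, principal=alice, requiredRoles=[admin], principalRoles=[User]
10:41:10,500 INFO  [org.jboss.ws.server.ServiceEndpoint] request handled
"""


def classify(line):
    """Return (kind, principal) for a security log line, or None if unrelated."""
    m = LOGIN_QUERY.search(line)
    if m:
        user = m.group("user")
        kind = "login-null-identity" if user == "null" else "login-attempt"
        return (kind, user)
    m = AUTHZ_FAIL.search(line)
    if m:
        user = m.group("user").strip()
        kind = "authz-null-identity" if user == "null" else "authz-missing-role"
        return (kind, user)
    return None


def triage(log_text):
    """Group security events by kind, keeping the principal seen in each."""
    findings = {}
    for line in log_text.splitlines():
        result = classify(line)
        if result:
            kind, principal = result
            findings.setdefault(kind, []).append(principal)
    return findings


def identity_lost(findings):
    """True when any check ran without a caller identity at all."""
    return any(kind.endswith("null-identity") for kind in findings)
```

A `null-identity` finding means no caller identity reached the security check, which is what both posters hit; an `authz-missing-role` finding means the caller was identified and simply lacks the role.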