EJB3 SessionBean endpoint and security
cboatwright Sep 22, 2006 12:28 AMI recently [finally] had time to upgrade to Eclipse 3.2 and JBoss 4.0.4 and ejb3 and am prototyping out some Web Services using the "181" way. I did the "HelloWorld" example in the Wiki (http://wiki.jboss.org/wiki/Wiki.jsp?page=JBWS181HelloWorld) and got things working very quickly.
I then saw many examples about how to create an endpoint out of a EJB3 session bean. Again, very easy. Very nice.
However, when I searched for how to setup security, I've run into problems. I added the @SecurityDomain and so forth, but cannot get it to secure and/or a client to authenticate.
My goal is simply: create a Web Service that a client can call with a username and password that the JBoss JAAS container can handle. It appears that this can be done, but I must be missing something simple. I appears you add the "@PortComponent" and "@SecurityDomain" and "@RolesAllowed" annotations and pass in the valid information.
When a client access the Web Service it get an authentication error even though I think I'm passing in the correct username/password. I'm using the defaults (kermit/thefrog in the role "friend").
The EJB3 Stateless Session Bean endpoint:
package com.buildlinks.ejb; import java.rmi.RemoteException; import java.security.Identity; import java.security.Principal; import javax.annotation.Resource; import javax.annotation.security.RolesAllowed; import javax.ejb.EJB; import javax.ejb.SessionContext; import javax.ejb.Stateless; import javax.jws.WebMethod; import javax.jws.WebService; import javax.jws.soap.SOAPBinding; import javax.naming.Context; import javax.naming.InitialContext; import javax.naming.NamingException; import javax.persistence.Transient; import org.jboss.annotation.security.SecurityDomain; import org.jboss.ws.annotation.PortComponent; @EJB(name="HelloWorldBean", description="", beanInterface=com.buildlinks.ejb.HelloWorld.class, beanName="HelloWorldBean") @WebService(name="HelloWorld") @SOAPBinding(style = SOAPBinding.Style.RPC) @PortComponent(authMethod="BASIC", transportGuarantee="NONE", urlPattern="/*", contextRoot="/BuildLinksEjb3") @SecurityDomain("JBossWS") @RolesAllowed("friend") /** * @author cboatwright */ public @Stateless class HelloWorldBean implements HelloWorld { @Resource @Transient SessionContext ctx; public HelloWorldBean() { System.out.println("HelloWorldBean created"); } @WebMethod public String echoString(String str1, String str2) throws RemoteException { System.out.println("str=" + str1 + ", str2=" + str2); if (ctx != null) { Principal caller = ctx.getCallerPrincipal(); Identity identity = ctx.getCallerIdentity(); System.out.println("isCallerInRole(friend)=" + ctx.isCallerInRole("friend")); System.out.println("caller=" + caller); System.out.println("identity=" + identity); } return "Thanks you for sending [" + str1 + "] and [" + str2 + "]"; } }
The calling client:
package com.buildlinks.client; import java.net.URL; import java.util.Properties; import javax.xml.namespace.QName; import javax.xml.rpc.Service; import javax.xml.rpc.ServiceFactory; import javax.xml.rpc.Stub; import org.jboss.ws.jaxrpc.ServiceFactoryImpl; import org.jboss.ws.jaxrpc.StubExt; import com.buildlinks.ejb.HelloWorld; public class WsClientTest { public static void main(String[] args) { try { // http://java.sun.com/j2se/1.4.2/docs/guide/net/properties.html Properties systemSettings = System.getProperties(); systemSettings.put("http.basic.username", "kermit"); systemSettings.put("http.basic.password", "thefrog"); // systemSettings.put("http.proxyHost", "localhost"); // systemSettings.put("http.proxyPort", "8888"); // systemSettings.put("http.nonProxyHosts", ""); // systemSettings.put("http.proxyUserName",username); // systemSettings.put("http.proxyPassword",password); System.setProperties(systemSettings); URL url = new URL("http://localhost/BuildLinksEjb3/HelloWorldBean?wsdl"); QName qname = new QName("http://ejb.buildlinks.com/jaws", "HelloWorldBeanService"); ServiceFactory factory = ServiceFactoryImpl.newInstance(); Service service = factory.createService(url, qname); HelloWorld webServiceProxy = (HelloWorld)service.getPort(HelloWorld.class); ((Stub)webServiceProxy)._setProperty(StubExt.USERNAME_PROPERTY, "kermit"); ((Stub)webServiceProxy)._setProperty(StubExt.PASSWORD_PROPERTY, "thefrog"); System.out.println("Before"); String rv = webServiceProxy.echoString("Colin", "Boatwright"); System.out.println("After"); System.out.println("rv=" + rv); } catch (Exception e) { e.printStackTrace(System.err); } } }