Securing POJO Web Service in 4.0.3 SP1
parmarsanjay Oct 10, 2006 1:16 AMI have created one POJO Webservice and everything works fine but I run into issues as soon as I try to secure the Web Service. Here are the steps I am following to secure the Web Service.
-Modified the web.xml to specify the contraints.
==============================
<servlet-name>InfoServiceServlet</servlet-name>
<servlet-class>com.info.webservice.InfoServiceImpl</servlet-class>
<servlet-mapping>
<servlet-name>InfoServiceServlet</servlet-name>
<url-pattern>/InfoService</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-esource-name>
<url-pattern>/InfoService</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>InfoUser</role-name>
</auth-constraint>
</security-constraint>
- Modified the client code to pass the username/password.
==============================
((Stub) bookQuery)._setProperty(Stub.USERNAME_PROPERTY, "username");
((Stub) bookQuery)._setProperty(Stub.PASSWORD_PROPERTY, "password");
When I run the client, I get following errors on the client side.
------------
HTTP transport error: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Invalid Cont
ent-Type:text/html. Is this an error message instead of a SOAP response?
at com.sun.xml.rpc.client.http.HttpClientTransport.invoke(HttpClientTran
sport.java:148)
at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:96)
at com.zafe.webservice.ZafeInfoService_Stub.isServerAlive(ZafeInfoServic
e_Stub.java:276)
at com.zafe.test.webservice.TestInfoService.testIsServerAlive(TestInfoSe
rvice.java:264)
at com.zafe.test.webservice.TestInfoService.main(TestInfoService.java:67
)
CAUSE:
com.sun.xml.messaging.saaj.SOAPExceptionImpl: Invalid Content-Type:text/html. Is
this an error message instead of a SOAP response?
at com.sun.xml.messaging.saaj.soap.MessageImpl.identifyContentType(Messa
geImpl.java:581)
at com.sun.xml.messaging.saaj.soap.MessageImpl.(MessageImpl.java:2
54)
at com.sun.xml.messaging.saaj.soap.ver1_1.Message1_1Impl.(Message1
_1Impl.java:49)
at com.sun.xml.messaging.saaj.soap.ver1_1.SOAPMessageFactory1_1Impl.crea
teMessage(SOAPMessageFactory1_1Impl.java:43)
at com.sun.xml.rpc.client.http.HttpClientTransport.readResponse(HttpClie
ntTransport.java:241)
at com.sun.xml.rpc.client.http.HttpClientTransport.invoke(HttpClientTran
sport.java:113)
at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:96)
at com.zafe.webservice.ZafeInfoService_Stub.isServerAlive(ZafeInfoServic
e_Stub.java:276)
at com.zafe.test.webservice.TestInfoService.testIsServerAlive(TestInfoSe
rvice.java:264)
at com.zafe.test.webservice.TestInfoService.main(TestInfoService.java:67
)
- I also have modified the jboss-web.xml to specify the security domain.
Any idea why I am running into this issue? If I remove the security contraint from web.xml, everything works fine.
Cheers,
Sanjay