1 Reply Latest reply on Oct 27, 2006 12:00 AM by jason.greene

    secured EJB webservice endpoint

      Hi

      I'm looking forward to expose secured EJB webservice endpoint. My EJB is protected with JAAS security domain (DatabaseLoginModule with ClientLoginModule works fine). I'm able to deploy EJB as a webservice using annotations. All works really well. When i call webservice within a client code i can call EJB WebMethods that has @PermitAll annotation. My problem occurs with methods that are allowed only for JAAS authorized users (@RolesAllowed({...})). When i call such a method i recive

      Caused by: java.lang.SecurityException: Insufficient permissions, principal=null, requiredRoles=[showKlient], principalRoles=[]
      


      it's normal behaviour becouse my client isn't authorized with JAAS. I wonder how to do JAAS login via SOAP. It would be great to do it with a pySOAP (python) or SOAPLite (perl) clients

      I read a lot on a jBoss forum and i didn't find anything

      thx in advance
      Lucas