Accessing a secure WSDL
peterj Mar 25, 2007 6:48 PMI have implemented the Echo web service, and client, described at http://jbws.dyndns.org/mediawiki/index.php/JAX-WS_User_Guide#Bottom-Up_.28Using_wsprovide.29. Once those were working, I added BASIC authentication to the web service by adding the following to the web.xml:
<security-constraint> <web-resource-collection> <web-resource-name>Secure Echo</web-resource-name> <url-pattern>/Echo</url-pattern> </web-resource-collection> <auth-constraint> <role-name>friend</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>JBossWS</realm-name> </login-config> <security-role> <role-name>friend</role-name> </security-role>
and I added a jboss-web.xml as follows:
<?xml version="1.0" encoding="UTF-8"?> <jboss-web> <security-domain>java:/jaas/JBossWS</security-domain> </jboss-web>
After deploying the web service, I can access the WSDL through a browser after I enter the user name and password in the pop-up dialog box.
However, I then ran into several problems:
1) How do I run wsconsume against this WSDL? There does not appear to be any mechanism to pass the user name and password to wsconsume.
2) I modified my client to set the user name and password on the BindingProvider before I call echo(), but the client fails earlier on because that same BindingProvider information is not used when the WSDL is obtained. I looked at the org.jboss.test.ws.jaxws.samples.context.WebServiceContextJSETestCase class, but it cheats - it gets the WSDL from the file system, not via HTTP.
I tried adding the annotation @WebContext(secureWSDLAccess = false) to the Echo class, and deployed it again, but even though the sever.log indicates that it picked up this setting, my browser still wants a user name and password to access the WSDL, and of course wsconsume and the client still fail (with 401 errors).
So my question: how do I go about setting the user name and password when requesting the WSDL via wsconsume or client code?
JBoss AS 5.0.0 beta2 (pulled on Mar 10)
JBoss WS 1.2.0.GA