-
1. Re: BASIC Authentication with jbossws-2.0.0.GA
heiko.braun Aug 2, 2007 1:00 PM (in response to fheldt)Did you use 4.2.0 in both cases?
-
2. Re: BASIC Authentication with jbossws-2.0.0.GA
fheldt Aug 3, 2007 8:16 AM (in response to fheldt)I used jboss-4.2.1.GA (which includes jbossws-1.2.1.GA) only tweaked for .NET Webservices (restrictedUserAgents="^.*MS Web Services Client Protocol .*$" n jboss-web.deployer/server.xml). Everything works lik charm here.
Then i installed jbossws-2.0.0.GA. The log file showed no problems, but i couldn't authenticate to the webservice any longer. A SLSB webservice without authenticaton works without a problem.
The client is a simple C# .NET 2.0 program. -
3. Re: BASIC Authentication with jbossws-2.0.0.GA
amalkovskiy Aug 3, 2007 9:10 AM (in response to fheldt)I have some problem, but I use own LoginModule. And an Exception was thrown in this LoginModule when it tried to get NameCallback (or PasswordCallback). With JBossWS 1.2.1 all works fine. JBoss 4.2.0
Regards,
Alexey -
4. Re: BASIC Authentication with jbossws-2.0.0.GA
fheldt Aug 3, 2007 9:19 AM (in response to fheldt)Here are the relevant lines from the log (i enabled trace for org.jboss.security.auth.spi):
2007-08-03 15:08:18,623 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize, instance=@19070485 2007-08-03 15:08:18,624 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Security domain: dhcRealm 2007-08-03 15:08:18,624 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/DHCDS 2007-08-03 15:08:18,624 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=SELECT user_pass FROM Users WHERE UserID=? AND Expires>=CURRENT_DATE 2007-08-03 15:08:18,624 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=SELECT Role,'' AS RoleGroup FROM Roles R,Users U,Users_Roles_Link UR WHERE U.UserID=? AND U.Id=UR.UserID AND R.Id=UR.RoleId 2007-08-03 15:08:18,624 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendResume=true 2007-08-03 15:08:18,624 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login 2007-08-03 15:08:18,624 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Authenticating as unauthenticatedIdentity=null 2007-08-03 15:08:18,624 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction 2007-08-03 15:08:18,625 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: SELECT user_pass FROM Users WHERE UserID=? AND Expires>=CURRENT_DATE, with username: null 2007-08-03 15:08:18,626 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Query returned no matches from db 2007-08-03 15:08:18,626 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction 2007-08-03 15:08:18,626 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] abort 2007-08-03 15:08:18,626 ERROR [org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS] SOAP request exception javax.ejb.EJBAccessException: Authentication failure at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:68) at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:70) at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:106) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.wsf.container.jboss42.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:98) at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:206) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:396) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:260) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:177) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:110) at org.jboss.wsf.spi.invocation.EndpointServlet.service(EndpointServlet.java:72) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:595) 2007-08-03 15:08:18,628 ERROR [org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS] SOAP request exception javax.ejb.EJBAccessException: Authentication failure at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:68) at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:70) at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:106) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.wsf.container.jboss42.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:98) at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:206) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:396) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:260) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:177) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:110) at org.jboss.wsf.spi.invocation.EndpointServlet.service(EndpointServlet.java:72) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:595)
Here's the code:package com.hcuc.ejb; import javax.ejb.Remote; @Remote public interface EchoIf { public String echo(String name); }
package com.hcuc.ejb; import javax.annotation.security.RolesAllowed; import javax.ejb.Stateless; import javax.jws.WebMethod; import javax.jws.WebParam; import javax.jws.WebService; import javax.jws.soap.SOAPBinding; import org.jboss.annotation.security.SecurityDomain; import org.jboss.logging.Logger; import org.jboss.ws.annotation.WebContext; @Stateless @WebService //@WebService(name="HCUCService",serviceName="HCUCWebService") @SOAPBinding( style=SOAPBinding.Style.RPC, use=SOAPBinding.Use.LITERAL ) @SecurityDomain("dhcRealm") @RolesAllowed({"Admin"}) @WebContext(authMethod="BASIC", transportGuarantee="NONE", secureWSDLAccess=false) public class EchoEJB implements EchoIf { private static Logger logger = Logger.getLogger(EchoEJB.class); @WebMethod public String echo(@WebParam(name="name") String name) { if (logger.isTraceEnabled()) logger.trace(String.format("Enter echo('%s')", name)); return "Hello " + name; } }
Here's the C# client:using System; using System.Collections.Generic; using System.Text; using System.Net; using TestWSApp.WebReference; namespace TestWSApp { class Program { static void Main(string[] args) { EchoEJBService ws = new EchoEJBService(); ws.Credentials = new NetworkCredential("admin", "secret"); ws.PreAuthenticate = true; try { Console.WriteLine(ws.echo("Frank")); } catch (Exception ex) { Console.WriteLine(ex.ToString()); } Console.Write("\n\nPress any key: "); Console.ReadKey(); } } }
-
5. Re: BASIC Authentication with jbossws-2.0.0.GA
deanouk Oct 3, 2007 7:57 AM (in response to fheldt)Did you find a resolution to this issue? I'm experiencing similar problems.