Authorization Failure using secure end point
mendaye Nov 30, 2007 8:26 AMHello All:
I follow the user guide on JBOSSWS2.0.GA to create basic authentication for the web services created using secure EJB3.0 end-point. However, I am getting authorization error when the consumer request the service.
Can some one help me to resolve this issue? Below is consumer, statless EJB, service end-point interface and exception thrown...
Consumer Code:
import java.net.URL; import java.util.ArrayList; import java.util.Vector; import java.util.HashMap; import javax.xml.namespace.QName; import javax.xml.ws.Service; import javax.xml.ws.BindingProvider; import com.panduit.acmnms.db.Device; import com.panduit.acmnms.db.DeviceType; import com.panduit.pvng.service.api.db.interfaces.PVNGDeviceEndPoint; import com.panduit.pvng.service.api.db.ejb.TestDeviceBean; import com.panduit.acmnms.beans.*; public class WsClientTest { static void printDeviceObj(DeviceTypeObject devTypeObj){ System.out.println("----------------------------------------------------"); System.out.println("deviceType = "+ devTypeObj.getDeviceType()); System.out.println("deviceType = "+ devTypeObj.getDescription()); System.out.println("deviceType = "+ devTypeObj.getNumberPorts()); System.out.println("deviceType = "+ devTypeObj.getNumRackSpaces()); System.out.println("deviceType = "+ devTypeObj.getVendorId()); System.out.println("deviceType = "+ devTypeObj.getIconFilePath()); System.out.println("deviceType = "+ devTypeObj.getIsactive()); System.out.println("deviceType = "+ devTypeObj.getIsdualPort()); System.out.println("deviceType = "+ devTypeObj.getDeviceCategoryDesc()); System.out.println("deviceType = "+ devTypeObj.getIsSwitchType()); System.out.println("deviceType = "+ devTypeObj.getPartNumber()); System.out.println("deviceType = "+ devTypeObj.getPortGroupCount()); System.out.println("----------------------------------------------------"); } /** * @param args */ public static void main(String[] args) throws Exception { // TODO Auto-generated method stub //URL url = new URL("http://localhost:8080/api-service-1/PVNGDevice?wsdl"); URL url = new URL("http://127.0.0.1:8080/pvng-api-service-1.0/TestDeviceBean?wsdl"); QName qname = new QName("http://api.service.pvng.panduit.com/deviceaccess", "DeviceService"); Service service = Service.create(url, qname); PVNGDeviceEndPoint deviceEndPoint = (PVNGDeviceEndPoint) service.getPort(PVNGDeviceEndPoint.class); //This was added to support basic Authentications BindingProvider bp = (BindingProvider)deviceEndPoint; bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "kermit"); bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "thefrog"); DeviceTypeObject deviceTypObj = (DeviceTypeObject) deviceEndPoint.getSingleDeviceType(1); if( deviceTypObj != null ){ System.out.println(" ***** Device Type when ID is 1"); WsClientTest.printDeviceObj( deviceTypObj); } ArrayList deviceWsObjs = deviceEndPoint.getAllExistingDeviceTypes(); if( deviceWsObjs != null && deviceWsObjs.size() > 0){ System.out.println("****** All Device Type data"); for( int i = 0; i < deviceWsObjs.size(); i++ ){ WsClientTest.printDeviceObj((DeviceTypeObject)deviceWsObjs.get(i)); } } } }
EJB service end point code:
package com.panduit.pvng.service.api.db.ejb; import java.util.ArrayList; import com.panduit.acmnms.beans.DeviceTypeObject; import com.panduit.acmnms.db.Device; import com.panduit.acmnms.db.DeviceType; import com.panduit.pvng.service.api.db.dao.PVNGAPIDeviceDAO; import com.panduit.pvng.service.api.db.interfaces.TestDevice; import com.panduit.pvng.service.exception.PVNGAPIException; import javax.annotation.Resource; import javax.annotation.security.DeclareRoles; import javax.annotation.security.RolesAllowed; import javax.annotation.security.DeclareRoles; import javax.ejb.Remote; import javax.ejb.Stateless; import javax.jws.WebParam; import javax.jws.WebService; import javax.jws.WebMethod; import javax.jws.soap.SOAPBinding; import javax.xml.ws.WebServiceContext; import org.jboss.annotation.ejb.RemoteBinding; import org.jboss.annotation.security.SecurityDomain; @Stateless @SecurityDomain("JBossWS") //@DeclareRoles("friend") @RolesAllowed("friend") @Remote(TestDevice.class) @RemoteBinding(jndiBinding="ejb3/TestDevice") @WebService(name = "PVNGDeviceEndPoint", targetNamespace = "http://api.service.pvng.panduit.com/deviceaccess", serviceName = "DeviceService") @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL) public class TestDeviceBean implements TestDevice{ @WebMethod(operationName = "getAllExistingDeviceTypes") public ArrayList <DeviceTypeObject> getAllDevicesTypes() throws PVNGAPIException{ PVNGAPIDeviceDAO loPVNGAPIDeviceDAO = new PVNGAPIDeviceDAO(); // call the business method in DAO class ArrayList <DeviceTypeObject>lalPortInfo = loPVNGAPIDeviceDAO.getAllDeviceTypes(); // Return the information back to the calling program return lalPortInfo; } @WebMethod(operationName = "getSingleDeviceType") public DeviceTypeObject getDeviceType(@WebParam (name="DeviceTypeID") int deviceTypeId) throws PVNGAPIException{ PVNGAPIDeviceDAO loPVNGAPIDeviceDAO = new PVNGAPIDeviceDAO(); // call the business method in DAO class DeviceTypeObject deviceTypeObj = loPVNGAPIDeviceDAO.getDeviceTypeById(deviceTypeId); // Return the information back to the calling program System.out.println(" **** EJB Called and ArrayList for Device Type name :"+ deviceTypeObj.getDescription()); return deviceTypeObj; } }
Service End Point Interface:
package com.panduit.pvng.service.api.db.interfaces; import java.rmi.Remote; import java.rmi.RemoteException; import java.util.ArrayList; import javax.jws.WebMethod; import javax.jws.WebParam; import javax.jws.WebService; import javax.jws.soap.SOAPBinding; import com.panduit.acmnms.beans.DeviceTypeObject; import com.panduit.pvng.service.exception.PVNGAPIException; @WebService(name = "PVNGDeviceEndPoint", targetNamespace = "http://api.service.pvng.panduit.com/deviceaccess", serviceName = "DeviceService") @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL) public interface PVNGDeviceEndPoint extends Remote { @WebMethod(operationName = "getSingleDeviceType") public DeviceTypeObject getSingleDeviceType(@WebParam (name="DeviceTypeID", partName="DeviceTypeID") int deviceTypeId) throws RemoteException, PVNGAPIException; //public ArrayList<DeviceTypeObject> getAllDevicesTypes() throws PVNGAPIException; @WebMethod(operationName = "getAllExistingDeviceTypes") public ArrayList<DeviceTypeObject> getAllExistingDeviceTypes() throws RemoteException, PVNGAPIException; }
Here is the exception thrown when consumer request the service.
[java] DEBUG [main] (MessageContextAssociation.java:75) - popMessageContext : org.jboss.ws.core.jaxws.handler.SOAPMessageContextJAXWS@17918f0 (Thread main) [java] Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Aut horization failure [java] at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultExce ption(SOAPFaultHelperJAXWS.java:69) [java] at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFault Exception(SOAP11BindingJAXWS.java:109) [java] at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(Com monSOAPBinding.java:553) [java] at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:371) [java] at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.j ava:243) [java] at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy .java:164) [java] at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy .java:150) [java] at $Proxy13.getSingleDeviceType(Unknown Source) [java] at ejb.WsClientTest.main(WsClientTest.java:70) [java] Java Result: 1
I checked security data for JBossWS in login-config.xml, jbossws-user.properties and jbossws-role.properties. I don't see any problem, all of them are correct. I am not sure what is going on here... Help Help..
Thanks,
Surafel