This content has been marked as final.
Show 4 replies
-
1. Re: EJB3.0 annotation security and webservices.
jgilbert Oct 29, 2006 10:40 AM (in response to webmarck)Take a look at the JBossWS user guide chapter on securing endpoints:
http://labs.jboss.com/portal/jbossws/user-guide/en/html/secure-ejb.html
You basically set properties on the Stub.
I haven't tried it but I bet calling the the ClientSideLogingModule would to the trick also. -
2. Re: EJB3.0 annotation security and webservices.
webmarck Oct 30, 2006 5:59 AM (in response to webmarck)Thanks for your reply,
I followed the guide as much as possible, but unfortunately I haven?t been able to get it work yet.
I have modified my server bean so it uses the same security domain as the webservice just to make things simple.@SecurityDomain("JBossWS") ? @RolesAllowed("friend") public void setName(String name);
I have modified the client as the example says.URL url = new URL("http://localhost:8080/test/MyBean?wsdl"); QName qname = new QName("http://test.niro.dk/jaws", "MyService"); ServiceFactory factory = ServiceFactory.newInstance(); Service service = factory.createService(url, qname); My myTest = (My)service.getPort(My.class); Stub stub = (Stub) myTest; stub._setProperty(Stub.USERNAME_PROPERTY, "kermit"); stub._setProperty(Stub.PASSWORD_PROPERTY, "thefrog"); myTest.setName("test");
Think I am getting close now because now I get a10:42:38,125 ERROR [SOAPFaultExceptionHelper] SOAP request exception javax.ejb.EJBAccessException: Authentication failure at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:99) at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:70) at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:131)
I can see the guide wants me to set a
<auth-method>BASIC</auth-method>
But the version of jboss.xml (http://www.jboss.org/j2ee/schema/jboss_5_0.xsd) doesn?t contain that tag.
Anybody have a good idea on what to do now? -
3. Re: EJB3.0 annotation security and webservices.
vans Nov 15, 2006 8:59 AM (in response to webmarck)Hello webmarck,
I think, I've got a similar problem. Did you ever get it work?
regards,
Vans -
4. Re: EJB3.0 annotation security and webservices.
webmarck Nov 15, 2006 9:07 AM (in response to webmarck)No - I was forced to disable @RolesAllowed("customer") security :-(
Means alot of extra coding...