2 Replies Latest reply on May 28, 2010 12:15 PM by kbeowulph

Minimum required for basic user/password authentication on a POJO?

kbeowulph May 28, 2010 9:54 AM

Hello.

I've followed the authentication guide (http://community.jboss.org/wiki/JBossWS-Authentication) and have (mostly) successfully implemented basic security on a POJO web service.

The problem I'm having though is that my client requires two-sets of authentication setting; once for the HTTP basic authentication, and again in the request context (same user and password). Is there a way I can set it so that the user only needs to authenticate at the request context level?

My files are attached (pasting them did not work very well).

Thanks.

TestSecureClient.java.zip 700 bytes
web.xml 1.4 KB
jboss-web.xml 82 bytes
SecureWs.java.zip 347 bytes

1. Re: Minimum required for basic user/password authentication on a POJO?

kbeowulph May 28, 2010 11:14 AM (in response to kbeowulph)
As usual, within an hour of posting a question on something I've been banging my head on for a while, I think I solved it.

As a quick note, do not modify web.xml (beyond adding the servlet); AFAIK everything in here is for HTTP authentication.

Files are attached. I'll be spending a bit more time seeing if it can be trimmed down a little more.

TestSecureClient.java.zip 902 bytes

standard-jaxws-client-config.xml 2.3 KB

jboss-wsse-client.xml 361 bytes

SecureWs.java.zip 365 bytes

web.xml 933 bytes

standard-jaxws-endpoint-config.xml 3.4 KB

jboss-wsse-server.xml 427 bytes

jboss-web.xml 82 bytes
Actions
2. Re: Minimum required for basic user/password authentication on a POJO?

kbeowulph May 28, 2010 12:15 PM (in response to kbeowulph)
One more note, these files will not work without importing the following jars from $JBOSS_HOME/client

jboss-common-core.jar
jboss-javaee.jar
jboss-xml-binding.jar
jbossx-client.jar

Is it possible to get these added to the default JBOSS_WS libaries? It seems like something we'd need if using it to build standalone clients.
Actions

Go to original post