5 Replies Latest reply on Jun 14, 2006 9:04 AM by Simone Taliercio

    Secure endpoint without secure WSDL

    Justin Bertram Newbie

      I have secured my Web Service endpoint (JSR-109 EJB) with basic authentication, but that requires me to enter the authentication information to access the WSDL which is unacceptable. Is there a way to secure the endpoint without securing the WSDL?

      Here is my jboss.xml:

      <!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 4.0//EN" "http://www.jboss.org/j2ee/dtd/jboss_4_0.dtd">
      <jboss>
       <security-domain>java:/jaas/JBossWS</security-domain> <!-- This links to conf/login-config.xml in jboss point to a security domain -->
       <enterprise-beans>
       <session>
       <ejb-name>JBossTest2</ejb-name>
       <jndi-name>JBossTest2</jndi-name>
       <resource-ref>
       <description>Database Reference to DataSource</description>
       <res-ref-name>jdbc/jbossTest2DB</res-ref-name>
       <jndi-name>java:/jbossTest2DB</jndi-name>
       </resource-ref>
       <port-component>
       <port-component-name>JBossTest2Endpoint</port-component-name>
       <auth-method>BASIC</auth-method>
       <port-component-uri>/jbosstest2/1.0</port-component-uri>
       </port-component>
       </session>
       </enterprise-beans>
      </jboss>