4 Replies Latest reply on Jun 27, 2006 12:59 PM by hkalkhoff

    JSR-181 EJB Endpoint with BASIC Authentication

    Frank Heldt Newbie

      I'm currently switching a EJB WebService from JBoss.NET to JBossWS (4.0.4GA) using JSR-181/EJB3 and now i'm running into problems.

      The old JBoss.NET Version had a .NET Client which authenticates via BASIC Authentication (and it works btw).

      In the new JSR-181 Version i used the @PortComponent Annotation (with authMethod="BASIC"), but i doesn't work so far. The client is the same .NET program, only updated to the new wsdl. From server.log:

      2006-06-08 14:15:52,760 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: SELECT user_pass FROM Users WHERE UserID=? AND Expires>=CURRENT_DATE, with username: null
      ...
      
      2006-06-08 14:15:52,776 DEBUG [javax.xml.rpc.soap.SOAPFaultException] new SOAPFaultException [code={http://schemas.xmlsoap.org/soap/envelope/}Client,string=javax.ejb.EJBAccessException: Authentication failure,actor=null,detail=null]
      2006-06-08 14:15:52,776 ERROR [org.jboss.ws.jaxrpc.SOAPFaultExceptionHelper] SOAP request exception
      javax.ejb.EJBAccessException: Authentication failure
       at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:68)
       at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:71)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      ...
      


      The SessionBean:

      @Stateless
      @WebService(
       name="MyService",
       serviceName="MyService"
      )
      @SOAPBinding(
       style=SOAPBinding.Style.RPC,
       use=SOAPBinding.Use.LITERAL
      )
      @PortComponent(authMethod="BASIC")
      @SecurityDomain("myRealm")
      @RolesAllowed({"Admin", "Operator", "User"})
      public class WebServiceEJB implements WebServiceIf
      {
      ...
      }
      


      Any idea what's going wrong?



        • 1. Re: JSR-181 EJB Endpoint with BASIC Authentication
          Thomas Diesler Master

          This should be fixed in jbossws-1.0.1

          • 2. Re: JSR-181 EJB Endpoint with BASIC Authentication
            Alexander Sparkowsky Newbie

             

            "thomas.diesler@jboss.com" wrote:
            This should be fixed in jbossws-1.0.1


            Since I ran into the same problem I wonder how I can figure out what version was installed with my jboss 4.0.4.GA and how I can upgrade to 1.0.1 or newer?

            Thanks,
            Alex

            • 3. Re: JSR-181 EJB Endpoint with BASIC Authentication
              hkalkhoff Newbie

              I am having a similar issue with JSR-191 EJB. The testRemoteAccess() test is successful, but the testWebService() fails.

              public void testRemoteAccess() throws Exception {
              InitialContext iniCtx = getInitialContext();
              YoRemoteInterface ejb3Remote = (YoRemoteInterface)iniCtx.lookup("/ejb3/YoEndpointInterface");

              SecurityAssociation.setPrincipal(new SimplePrincipal("removed"));
              SecurityAssociation.setCredential("removed");

              String helloWorld = "dummy";
              Object retObj = ejb3Remote.dummy();
              assertEquals(helloWorld, retObj);
              }

              public void testWebService() throws Exception {
              assertWSDLAccess();

              InitialContext iniCtx = getInitialContext();
              Service service = (Service)iniCtx.lookup("java:comp/env/service/Yo");
              YoEndpointInterface port = (YoEndpointInterface)service.getPort(YoEndpointInterface.class);

              Stub stub = (Stub)port;
              stub._setProperty(Stub.USERNAME_PROPERTY, "removed");
              stub._setProperty(Stub.PASSWORD_PROPERTY, "removed");

              String helloWorld = "dummy";
              Object retObj = port.dummy();
              assertEquals(helloWorld, retObj);
              }

              ERROR:
              10:32:59,776 ERROR [RoleBasedAuthorizationInterceptor] Insufficient permissions, principal=null, requiredRoles=[admin], principalRoles=[]
              10:32:59,786 ERROR [SOAPFaultExceptionHelper] SOAP request exception
              javax.ejb.EJBAccessException: Authorization failure
              at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:104)
              at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
              at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:78)
              at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
              at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
              at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
              at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
              at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
              at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:181)
              at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:147)
              at org.jboss.ws.server.ServiceEndpointInvokerEJB3.invokeServiceEndpoint(ServiceEndpointInvokerEJB3.java:117)
              at org.jboss.ws.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:118)
              at org.jboss.ws.server.ServiceEndpoint.handleRequest(ServiceEndpoint.java:234)
              at org.jboss.ws.server.ServiceEndpointServlet.doPost(ServiceEndpointServlet.java:120)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
              at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
              at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
              at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
              at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
              at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
              at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
              at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
              at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
              at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
              at java.lang.Thread.run(Thread.java:595)
              Caused by: java.lang.SecurityException: Insufficient permissions, principal=null, requiredRoles=[admin], principalRoles=[]
              at org.jboss.aspects.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:150)
              at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:100)
              ... 33 more

              Any suggestions?

              • 4. Re: JSR-181 EJB Endpoint with BASIC Authentication
                hkalkhoff Newbie

                Installation of jbossws-1.0.1 on jbossas-4.0.4.GA resolved my issue:
                http://wiki.jboss.org/wiki/Wiki.jsp?page=JBWS101Install