WS basic auth only for post requests
waperboy Oct 27, 2006 7:43 AMI've created a web service, and added basic authentication according to the user-guide chapter 13 (http://labs.jboss.com/portal/jbossws/user-guide/en/html/secure-ejb.html), but it results in basic auth being activated for both GET and POST. I want access to the wsdl to be public.
The web service is defined using webservices.xml, jboss.xml, and ejb-jar.xml, and is contained in a jar file.
I notice in the web.xml file generated by jboss on deploy, that both GET and POST is specified in the security-constraint.
Any ideas on how I can make access to the wsdl (GET requests) public, and only the ws-methods (POST requests) authenticated?
/Per
webservices.xml:
<webservice-description> <webservice-description-name>MyService</webservice-description-name> <wsdl-file>META-INF/wsdl/MyService.wsdl</wsdl-file> <jaxrpc-mapping-file>META-INF/MyService-mapping.xml</jaxrpc-mapping-file> <port-component> <port-component-name>MyService</port-component-name> <wsdl-port>MyServicePort</wsdl-port> <service-endpoint-interface>com.test.ws.MyServiceEndpoint</service-endpoint-interface> <service-impl-bean> <ejb-link>MyServiceBean</ejb-link> <servlet-link></servlet-link> </service-impl-bean> </port-component> </webservice-description>
jboss.xml:
<jboss> <security-domain>java:/jaas/my-security-domain</security-domain> <enterprise-beans> <session> <ejb-name>MyServiceBean</ejb-name> <port-component> <port-component-name>MyService</port-component-name> <port-component-uri>/ws/MyService</port-component-uri> <auth-method>BASIC</auth-method> </port-component> </session> </enterprise-beans> </jboss>
ejb-jar.xml:
<enterprise-beans> <session> <ejb-name>MyServiceBean</ejb-name> <service-endpoint>com.test.ws.MyServiceEndpoint</service-endpoint> <ejb-class>com.test.ws.MyServiceSLSB</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> <security-role-ref> <role-name>@ROLE_EXPORT@</role-name> </security-role-ref> <security-role-ref> <role-name>@ROLE_IMPORT@</role-name> </security-role-ref> </session> </enterprise-beans> <assembly-descriptor> <security-role> <role-name>@ROLE_IMPORT@</role-name> </security-role> <security-role> <role-name>@ROLE_EXPORT@</role-name> </security-role> <method-permission> <role-name>@ROLE_IMPORT@</role-name> <method> <ejb-name>MyServiceBean</ejb-name> <method-name>submit</method-name> </method> </method-permission> <method-permission> <role-name>@ROLE_EXPORT@</role-name> <method> <ejb-name>MyServiceBean</ejb-name> <method-name>fetch</method-name> </method> </method-permission> </assembly-descriptor>