Cannot Access Secure EJB3 Web Service
skerstetter Sep 24, 2009 11:19 AMI have a web service that worked fine in AS 4.2.1GA, but since porting to 5.1.0GA, I have been unable to access it if it is secure. If I remove authMethod=BASIC setting of the WebContext, I can access the ejb, but it is not secure.
I am using the native stack, version 3.2.0GA.
Here is my interface definition (simplified):
@WebService @SOAPBinding(style = SOAPBinding.Style.RPC) public interface Inquiry { String echo(@WebParam(name="echoText", mode=Mode.IN) String echoText);
Here is my EJB3 definition:
@WebService(endpointInterface="com.foo.Inquiry") @WebContext(contextRoot="check-inquiry", /* SEK TODO: not working */ authMethod="BASIC" /**/, secureWSDLAccess=false) @Stateless @SecurityDomain("my-security-domain") @TransactionAttribute(TransactionAttributeType.SUPPORTS) //we do not require a transaction. we do not perform any updates. @Interceptors({PerformanceProfiler.class, ExceptionLogger.class}) public class InquiryImpl extends BasePersistentContextHolder implements Inquiry { @Override public String echo(final String echoText) { getLog().debug("echo=[" + echoText+ "]"); return echoText; }
Here is my jax-rpc client code:
private Inquiry getService(final String username, final String password, final boolean withAuth) throws MalformedURLException, ServiceException { Stub stub = (Stub) new InquiryService_Impl().getInquiryPort(); stub._setProperty(javax.xml.rpc.Stub.ENDPOINT_ADDRESS_PROPERTY, "http://localhost:8080/check-inquiry/InquiryImpl?wsdl"); if (withAuth) { stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY, username); stub._setProperty(javax.xml.rpc.Stub.PASSWORD_PROPERTY, password); } return (Inquiry) stub; }
Let's see, I've got the custom security domain configured in conf/login-config.xml. I've read through the documentation and tried a number of things with other configuration files, like jboss-wsse-server.xml in META-INF. Nothing has worked. I am deploying as an ejb-jar file inside of an ear file.
I'm hoping that someone can see some inconsistency in this all that I have missed.