5 Replies Latest reply on Mar 29, 2009 8:42 PM by sun certified

    WSIT

    Nick Slager Newbie

      I'm rather new to JBoss and have been having difficulty getting WSIT to work. I've installed the latest Metro version on JBoss 4.2.2.

      I must be missing a step somewhere though because I can develop a WSIT enabled secure app on glassfish, but when copying the jar files to JBoss I get a null pointer exception in the client when attempting to call the web service.

      Is there some place that I'm missing that has a steps for getting some of the WSIT examples running under JBoss? A step by step tutorial for implementing web service security on JBoss would be fantastic.

      Thank you in advance for any direction you can give.

        • 1. Re: WSIT
          Richard Opalka Master

          Did you see this?

          • 2. Re: WSIT
            Nick Slager Newbie

            I did. I also found the following paragraph to be a sadly untrue:

            The JBossWS-Metro source distribution comes with some samples using X.509 certificate signature and encryption as well as Username Token Profile. You can find them in package org.jboss.test.ws.jaxws.samples.wsse


            There were a bunch of tests that ran and claimed to pass on install of metro, but the wsse sample wasn't there.

            The page you directed me to wasn't exactly an in-depth step by step on getting WSIT working under JBoss. In fact, following the link to https://jax-ws.dev.java.net/guide/Configuring_Security_Using_NetBeans_IDE.html was exactly how I got my glassfish example working. I tried adding a RealmAuthenticator as well, but to be honest, I'm not even sure what that was supposed to be accomplishing.

            What I really need are step by step instructions on moving from the linked example that worked in glassfish to a working version on JBoss. I imagine I'm missing something pretty basic, but I just can't find any starter information that doesn't assume I'm already a JBoss expert. Because I'm certainly not.

            Thanks for getting back to me. Any more help you can bring would be greatly appreciated.

            • 3. Re: WSIT
              Guzman Llambi­as Novice

              Hi! I've been using the Metro stack from some time ago till now with many of the WS specs, having good results (including .NET interop) in some tests and not so in other. Fortunatelly, I can tell that WS-Security with X.509 certificates the stack works well in JBoss. I used the NetBeans IDE to develop the service and then deployed it on JBoss after solving some deployment issues.

              Could you please be more specific with your problem?

              Cheers
              Guzman

              • 4. Re: WSIT
                Alessio Soldano Master

                First of all, this might sound obvious, but make sure you correctly installed JBossWS-Metro. Words can be quite misleading, but when you say "..claimed to pass on install of metro" I'm not that sure you actually meant JBossWS-Metro. Forget this if I'm wrong ;-)

                "nslager" wrote:
                I did. I also found the following paragraph to be a sadly untrue:

                The JBossWS-Metro source distribution comes with some samples using X.509 certificate signature and encryption as well as Username Token Profile. You can find them in package org.jboss.test.ws.jaxws.samples.wsse


                There were a bunch of tests that ran and claimed to pass on install of metro, but the wsse sample wasn't there.

                The tests are there; since these are JBossWS-Metro specific tests (WS-Security is used different way in JBossWS-Native), you'll find them in the source distribution only. Perhaps you checked the binary distribution only. Otherwise look at fisheye: http://fisheye.jboss.org/browse/JBossWS/stack/metro/trunk/modules/testsuite/metro-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse

                I tried adding a RealmAuthenticator as well, but to be honest, I'm not even sure what that was supposed to be accomplishing.

                That class is required because Metro was originally meant to be used with Glassfish, so an external authenticator is required to work with JBoss.

                • 5. Re: WSIT
                  sun certified Newbie

                  hi alessio,

                  thanks for your reply. it is especially valuable, because you are the author of org.jboss.test.ws.jaxws.samples.wsse.RealmAuthenticator and all the other sample classes that come bundled with the metro source distro:

                  That class [RealmAuthenticator] is required because Metro was originally meant to be used with Glassfish, so an external authenticator is required to work with JBoss.


                  i am very grateful for your comments in this thread. i am also very grateful that you have made the sample source code available.

                  i take your word for it, that RealmAuthenticator is required. however, there are a lot of things regarding that class - in both in the jboss documentation and in the glassfish documentation - that still is not obvious. even after i've read it and tried (and failed) to implement it over and over dozens of times!

                  * is it also required, for example, that a user with username "kermit" (taking your example) be created as a user in jboss?

                  * or, is RealmAuthenticator just a no-op kind of placeholder? only there because jboss needs any RealmAuthenticator implementation - regardless of whether it does anything meaningful?

                  * am i correct to assume that every caller of our service is required to have a username in our system?

                  thanks in advance for your reply.