3 Replies Latest reply on Mar 27, 2014 9:46 AM by sergiu_pienar

    Security Domain Not Recognized?

    jimmy001

      Hello,

       

      I am trying to secure an ejb based webservice. For this I am using a security-domain, which I am already using for a web application deployed in the same ear file.

      The problem seems to be, that calling the webservice doesn't trigger the login-module for which I can't find any explanation. The Login Module prints logging data, when logging into the web application, but a WS-Call doesn't show any log entries.

      I am using JBoss 7.1.0 and I am migrating the webservices from JBoss 5.1.0 if this is of any relevance.

       

      Perhaps someone here sees something that I am missing (perhaps some configuration element for the cfx stack?). These are the relevant code fragements:

       

       

       @WebService(targetNamespace = "http://www.organisation.de/demo/process", name = "ProcessServiceIntern")
       @WebContext(contextRoot = "demoWsIntern", authMethod = AuthMethod.BASIC, transportGuarantee = "NONE", secureWSDLAccess = false)
       @SOAPBinding(style = Style.DOCUMENT, parameterStyle = ParameterStyle.WRAPPED)
       @SecurityDomain("demoWs")
       @RolesAllowed("WS_Role_G")
       @Stateless
       public class ProcessServiceIntern
      

       

       

      <security-domain name="demoWs" cache-type="default">
           <authentication>
              <login-module code="com.organisation.auth.WebServiceLoginModule" flag="required" module="com.organisation">
                   <module-option name="principalClass" value="org.jboss.security.SimplePrincipal"/>
                   <module-option name="databaseClass" value="com.microsoft.sqlserver.jdbc.SQLServerDriver"/>
              </login-module>
          </authentication>
      </security-domain>
      

       

       

      ID: 14
      Address: http://localhost:8080/demoWsIntern/ProcessServiceIntern?wsdl=IProcessServiceIntern.wsdl
      Http-Method: GET
      Content-Type:
      Headers: {Accept=[text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2], connection=[keep-alive], Content-Type=[null], host=[localhost:8080], user-agent=[Java/1.7.0_21]}
      
      --------------------------------------
      09:43:03,158 TRACE [org.jboss.security.SecurityRolesAssociation] (http--127.0.0.1-8080-1) Setting threadlocal:null
      09:43:03,472 INFO  [org.apache.cxf.interceptor.LoggingInInterceptor] (http--127.0.0.1-8080-1) Inbound Message
      ----------------------------
      
      ID: 15
      Address: http://localhost:8080/demoWsIntern/ProcessServiceIntern
      Encoding: UTF-8
      Http-Method: POST
      Content-Type: text/xml;charset="utf-8"
      Headers: {Accept=[text/xml, multipart/related, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2], Authorization=[Basic d3NUZXN0OdF3aW8wVGFiOGV0dA==], connection=[keep-alive], Content-Length=[255], content-type=[text/xml;charset="utf-8"], host=[localhost:8080], SOAPAction=[""], user-agent=[JAX-WS RI 2.1.3-b02-]}
      Payload: <?xml version='1.0' encoding='UTF-8'?><S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><ns2:listActiveProcessesIntern xmlns:ns2="http://process.ws.demo/"><arg0>demoUser</arg0></ns2:listActiveProcessesIntern></S:Body></S:Envelope>
      
      --------------------------------------
      
      09:43:03,476 ERROR [org.jboss.ejb3.invocation] (http--127.0.0.1-8080-1) JBAS014134: EJB Invocation failed on component ProcessServiceIntern for method public demo.ws.process.ProcessListResponseIntern demo.ws.process.ProcessServiceIntern.listActiveProcessesIntern(java.lang.String):
      
      javax.ejb.EJBAccessException: JBAS014502: Invocation on method: public demo.ws.process.ProcessListResponseIntern demo.ws.process.ProcessServiceIntern.listActiveProcessesIntern(java.lang.String) of bean: ProcessServiceIntern is not allowed
          at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:101) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
          at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:76) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
          at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
          at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
          at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:32) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
          at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
          at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
          at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
          at org.jboss.as.webservices.invocation.AbstractInvocationHandlerEJB.invoke(AbstractInvocationHandlerEJB.java:112)
          at org.jboss.wsf.stack.cxf.JBossWSInvoker._invokeInternal(JBossWSInvoker.java:181)
          at org.jboss.wsf.stack.cxf.JBossWSInvoker.invoke(JBossWSInvoker.java:127)
      

       

      Thx for your help.

       

      Jimmy