0 Replies Latest reply on May 6, 2015 5:11 AM by Taha M

    JAX WS DIGEST http authentication in jboss 7.1.1

    Taha M Newbie

      I have a Jboss 7.1.1 server exposing SOAP Web Services. Currently they are authenticated usin http-BASIC authentication as declared in the service class

        @WebContext(authMethod = "BASIC",...) 

      The associated security domain config is as follows :

      <security-domain name="myDomain" cache-type="...">

           <authentication>

            <login-module code="..." flag="sufficient" module="..."> //code extending from UsernamePasswordLoginModule

                <module-option name="hashAlgorithm" value="SHA-1"/>

                <module-option name="hashCharset" value="UTF-8"/>

                <module-option name="ignorePasswordCase" value="false"/>

                <module-option name="hashStorePassword" value="false"/>    

                <module-option name="hashUserPassword" value="true"/>

           </login-module>

           </authentication>

      </security-domain>


       

       

      I want to use http-DIGEST authentication method instead. Can I do something like - @WebContext(authMethod = "DIGEST",...) , what would be the required changes in the standalone.xml ? Or any other better way that any one can suggest.

      Also, I would like to know that since I am using BASIC http authentication currently then is the security domain config given above necessary or not. Since BASIC authentication is not using any hash algorithm.

      Thanks