I need to allow a role to access a web method of a web service, using LDAP and JBoss 7
metchegaray Aug 1, 2016 5:02 PM
Hi,
I'm using JBoss as the application server, version 7.1.
I'm using JDeveloper and EJB 3.1.
I have created a WS like this:
    @SecurityDomain("test_ldap_security_domain")
    @RolesAllowed("TestRole")
    @Stateless
    @WebService(name = "AutenticacionADImplBean", targetNamespace = "http://correoargentino.com.ad/" )
    @SOAPBinding(style = SOAPBinding.Style.RPC)
    public class AutenticacionADImplBean implements AutenticacionADBeanRemote,AutenticacionADBeanLocal {
        @WebMethod()
        public String saludar(String hello) {
            return hello;
        }
    }
Then I configured a security domain in my standalone.xml (I put xxxx to hide the true values, for security):
    <security-domains>
        <security-domain name="test_ldap_security_domain">
            <authentication>
                <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
                    <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
                    <module-option name="java.naming.provider.url" value="ldap://xxxx:389"/>
                    <module-option name="java.naming.security.authentication" value="simple"/>
                    <module-option name="bindDN" value="CN=xxxx,CN=Users,DC=electoral,DC=com,DC=ar"/>
                    <module-option name="bindCredential" value="xxxx"/>
                    <module-option name="baseCtxDN" value="CN=Users,DC=electoral,DC=com,DC=ar"/>
                    <module-option name="baseFilter" value="(uniqueMember={0})"/>
                    <module-option name="rolesCtxDN" value="CN=Users,DC=electoral,DC=com,DC=ar"/>
                    <module-option name="roleFilter" value="(uniqueMember={0})"/>
                    <module-option name="roleNameAttributeID" value="cn"/>
                    <module-option name="searchScope" value="SUBTREE_SCOPE"/>
                    <module-option name="roleRecursion" value="0"/>
                    <module-option name="roleAttributeIsDN" value="true"/>
                    <module-option name="allowEmptyPasswords" value="false"/>
                    <module-option name="Context.REFERRAL" value="follow"/>
                    <module-option name="throwValidateError" value="true"/>
                    <module-option name="allowEmptyPasswords" value="true"/>
                </login-module>
            </authentication>
        </security-domain>
Note: in LDAP I have a group called TestRole with many users.
My questions:
1) Is this configuration OK, or is any XML missing? Because it is not working.
2) Do I need to remove the security domain OTHER from the XML?
3) I need an example of a client to test my WS that uses authentication via LDAP.
Thank you in advance.
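
An added example, not part of the original post and not JBoss project code: a small Python check over a login-module fragment like the one posted above. It flags options set more than once (the post sets allowEmptyPasswords to both false and true), empty passwords being passed to LDAP, and a simple bind over ldap://. The sample XML is constructed, its host and credential values are placeholders, and the cleartext check assumes no TLS is layered on the connection.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample mirroring option names in the post; host and credential are placeholders.
SAMPLE = """
<security-domain name="test_ldap_security_domain">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
      <module-option name="java.naming.provider.url" value="ldap://ldap.example.test:389"/>
      <module-option name="java.naming.security.authentication" value="simple"/>
      <module-option name="bindCredential" value="PLACEHOLDER"/>
      <module-option name="allowEmptyPasswords" value="false"/>
      <module-option name="allowEmptyPasswords" value="true"/>
    </login-module>
  </authentication>
</security-domain>
"""

def local(tag):
    """Drop an XML namespace prefix such as {urn:jboss:domain:security:1.1}."""
    return tag.rsplit("}", 1)[-1]

def audit_security_domain(xml_text):
    """Return (check_id, message) findings for every login-module found."""
    findings = []
    for module in ET.fromstring(xml_text).iter():
        if local(module.tag) != "login-module":
            continue
        options = defaultdict(list)
        for opt in module:
            if local(opt.tag) == "module-option":
                options[opt.get("name")].append(opt.get("value", ""))
        for name, values in options.items():
            if len(values) > 1:
                kind = "conflicting" if len(set(values)) > 1 else "repeated"
                findings.append(("duplicate-option", f"{name} has {kind} values {values}"))
        if "true" in (v.lower() for v in options.get("allowEmptyPasswords", [])):
            findings.append(("empty-password", "empty passwords are passed to the LDAP "
                             "server, which may treat them as an anonymous bind"))
        urls = options.get("java.naming.provider.url", [])
        auth = options.get("java.naming.security.authentication", [])
        if "simple" in auth and any(u.lower().startswith("ldap://") for u in urls):
            findings.append(("cleartext-bind", "simple bind over plain ldap:// exposes "
                             "the password on the wire"))
    return findings

if __name__ == "__main__":
    for check, message in audit_security_domain(SAMPLE):
        print(f"[{check}] {message}")
```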