0 Replies Latest reply on Aug 1, 2016 5:02 PM by maria etchegaray

    I need to allow a role to access a web method of a web service, using LDAP and JBoss 7

    maria etchegaray Newbie

      Hi,

      I'm using JBoss as the application server, version 7.1.

      I am using JDeveloper and EJB 3.1.

       

      I have created a WS like this:

       

      @SecurityDomain("test_ldap_security_domain")
      @RolesAllowed("TestRole")
      @Stateless
      @WebService(name = "AutenticacionADImplBean", targetNamespace = "http://correoargentino.com.ad/")
      @SOAPBinding(style = SOAPBinding.Style.RPC)
      public class AutenticacionADImplBean implements AutenticacionADBeanRemote, AutenticacionADBeanLocal {

          @WebMethod()
          public String saludar(String hello) {
              return hello;
          }
      }

       

      Then I configured a security domain in my standalone.xml (I put xxxx to hide the true values for security):

       

      <security-domains>
          <security-domain name="test_ldap_security_domain">
              <authentication>
                  <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
                      <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
                      <module-option name="java.naming.provider.url" value="ldap://xxxx:389"/>
                      <module-option name="java.naming.security.authentication" value="simple"/>
                      <module-option name="bindDN" value="CN=xxxx,CN=Users,DC=electoral,DC=com,DC=ar"/>
                      <module-option name="bindCredential" value="xxxx"/>
                      <module-option name="baseCtxDN" value="CN=Users,DC=electoral,DC=com,DC=ar"/>
                      <module-option name="baseFilter" value="(uniqueMember={0})"/>
                      <module-option name="rolesCtxDN" value="CN=Users,DC=electoral,DC=com,DC=ar"/>
                      <module-option name="roleFilter" value="(uniqueMember={0})"/>
                      <module-option name="roleNameAttributeID" value="cn"/>
                      <module-option name="searchScope" value="SUBTREE_SCOPE"/>
                      <module-option name="roleRecursion" value="0"/>
                      <module-option name="roleAttributeIsDN" value="true"/>
                      <module-option name="allowEmptyPasswords" value="false"/>
                      <module-option name="Context.REFERRAL" value="follow"/>
                      <module-option name="throwValidateError" value="true"/>
                      <module-option name="allowEmptyPasswords" value="true"/>
                  </login-module>
              </authentication>
          </security-domain>
      </security-domains>

       

      Note: in LDAP I have a group called TestRole with many users.

       

      My questions:

       

      1) Is this configuration OK, or is any XML missing? Because it is not working.

      2) Do I need to remove the security domain OTHER from the XML?

      3) I need an example of a client to test my WS that uses authentication using LDAP.

       

      Thank you in advance.
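
A review aid for the login-module fragment in the post above, added here as an example; it is not part of the original post and not JBoss code. The function name `lint_login_module`, the check ids and the trimmed sample are constructed for illustration, and the checks cover only what the posted options show: repeated options with conflicting values, empty-password handling, cleartext simple bind, the referral key, and identical user and role filters.

```python
import xml.etree.ElementTree as ET

# Options copied from the post's fragment (trimmed; the xxxx placeholder is the post's).
SAMPLE = """<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
  <module-option name="java.naming.provider.url" value="ldap://xxxx:389"/>
  <module-option name="java.naming.security.authentication" value="simple"/>
  <module-option name="baseFilter" value="(uniqueMember={0})"/>
  <module-option name="roleFilter" value="(uniqueMember={0})"/>
  <module-option name="allowEmptyPasswords" value="false"/>
  <module-option name="Context.REFERRAL" value="follow"/>
  <module-option name="allowEmptyPasswords" value="true"/>
</login-module>"""


def lint_login_module(xml_text):
    """Return (check_id, message) findings for the module-options in xml_text."""
    seen, findings = {}, []
    for el in ET.fromstring(xml_text).iter():
        # Strip any XML namespace so a fragment cut from standalone.xml also works.
        if el.tag.rsplit("}", 1)[-1] == "module-option":
            seen.setdefault(el.get("name"), []).append(el.get("value"))
    # Single-value checks read the last occurrence; this is a choice made for
    # the example, not a claim about which duplicate the server honours.
    last = {name: values[-1] for name, values in seen.items()}
    for name, values in seen.items():
        if len(set(values)) > 1:
            findings.append(("conflict", f"{name} is set more than once: {values}"))
    if "true" in seen.get("allowEmptyPasswords", []):
        findings.append(("empty-password", "allowEmptyPasswords=true passes empty passwords "
                         "to the server, and some LDAP servers treat that as an anonymous login"))
    url = last.get("java.naming.provider.url", "")
    if url.startswith("ldap://") and last.get("java.naming.security.authentication") == "simple":
        findings.append(("cleartext-bind", "simple bind over ldap:// sends passwords unencrypted"))
    if "Context.REFERRAL" in seen:
        findings.append(("jndi-key", "Context.REFERRAL is a Java constant name; "
                         "the JNDI property key is java.naming.referral"))
    if "baseFilter" in last and last["baseFilter"] == last.get("roleFilter"):
        findings.append(("filters", "baseFilter equals roleFilter; baseFilter locates the "
                         "user entry, roleFilter the groups that list that user"))
    return findings


if __name__ == "__main__":
    for check_id, message in lint_login_module(SAMPLE):
        print(f"[{check_id}] {message}")
```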