1 Reply Latest reply on May 13, 2005 1:24 AM by Pawel Polyakov

    jboss4.0.2 web-service auth and non-java clients

    Pawel Polyakov Newbie

      I have a merely simple web-service under jboss4.0.0 and now moving it on 4.0.2. this is the part of my login-config.xml:

       <application-policy name = "JBossWS">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag = "required">
       <module-option name = "dsJndiName">java:/OracleDS</module-option>
       <module-option name = "principalsQuery">SELECT PASS FROM trate.dilers_auth WHERE LOGIN=?</module-option>
       <module-option name = "rolesQuery">SELECT role,'Roles' FROM WS_USERROLES WHERE USERNAME=?</module-option>
       </login-module>
       </authentication>
       </application-policy>
      

      It works fine under 4.0.0 and after redeployment into 4.0.2 my clients can't login properly. I have tested my web service with some simple JUnit test and find out that now password in soap auth-header is encrypted. But I don't know with what algorithm. And I have found nothing about this in wiki.