1 Reply Latest reply on Nov 7, 2002 4:41 PM by Jason Essington

    JBoss.NET Authentication

    Carles Pairot Newbie

      Hi all,

      Right now I have an application that makes AXIS calls to the JBoss server (3.2 Beta) and it works fine, but I have changed the JBoss.NET axis-config.xml to the following:





      But right now, all the applications that make AXIS calls to the server are authenticated through myPolicy security domain. I am wondering if it is possible to specify in which security domain my application should do the AXIS calls in.

      Thanx in advance,

      --

      Carles

        • 1. Re: JBoss.NET Authentication
          Jason Essington Newbie

          Hi Carles

          you can get service level control of the security domain by adding the JBossAuthenticationHandler to the services request chain in the web-service.xml file like so







          <!-- change this to the policy you want -->









          I think you have to comment out the JBossAuthenticationHandler in the axis-config.xml file though.

          There are xDoclet tags for this and the JBossAuthorizationHandler in the cvs version of jboss. I haven't managed yet to submit a patch to the xDoclet guys, so you would have to add the classes in and recompile xdoclet yourself for now.

          * @jboss-net.web-service
          * urn="MyService"
          * scope="Session" <- or "Application" or "Request"
          * expose-all="true"
          *
          * @jboss-net.authentication
          * domain="myPolicy"
          *
          * @--jboss-net.authorization <-- hidden from xDoclet in this example
          * domain="myPolicy"
          * allowed-roles="admin,manager"
          * denied-roles="user"