Valid principal/credential combinations are configured with the jboss security domain your WS is using.
Have a look at the samples that are shiped with jboss-4.0.1
cvs co -r JBoss_4_0_1 jboss-4.0
Thanks for ur reply. The problem is that i didnt give the statement in the client code
InventoryEndpoint hello = (InventoryEndpoint)stub;
and in web.xml i have to give security-constraint and username and roles in properties file
<login-config> <auth-method>BASIC</auth-method> </login-config> <security-constraint> <web-resource-collection> <web-resource-name>SecureHello</web-resource-name> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>The Duke</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <security-role> <role-name>admin</role-name> </security-role>
this is basic authentication for jax-rpc .
.is this Basic authentication is secure ? is there any other way ?
Basic authentication is secure enough if you use HTTPS. With plain HTPP the password is encoded with base64 which only slightly better than plain text (security by obfuscation).
A stronger algorithm is client certificates.
I m using jboss-4.0.0 and as i told i using Basic authentication for my web service.
I have deployed my web service in jboss-4.0.0 . when i access from perl client it works fine. but when i access from .NET client with the credential details i m getting the following error
The request failed with HTTP status 505: HTTP Version Not Supported
pls tell me y is this error?