[jboss-user] [JBoss Seam] - Seam 2.x, Webservice Security
estahn
do-not-reply at jboss.com
Tue Jan 29 05:50:12 EST 2008
Hi,
how do i restrict access to webservice methods? I tried to add "@Restrict("#{identity.loggedIn}")" before "createTest", but if i test this with an soap client (e.g. soap ui) i getting no SOAP Exception or something else. It will return the the string "done".
Any ideas?
Enrico
package org.domain.webservices;
|
| import javax.ejb.Stateless;
| import javax.jws.WebMethod;
| import javax.jws.WebParam;
| import javax.jws.WebService;
|
| import org.jboss.seam.annotations.security.Restrict;
| import org.jboss.seam.security.Identity;
| import org.jboss.wsf.spi.annotation.WebContext;
|
| @Stateless
| @WebContext(contextRoot="/TestWS")
| @WebService(name = "TestService", serviceName = "TestService")
| public class TenderNoticeCollectorService implements TenderNoticeCollectorServiceRemote
| {
| @WebMethod
| public boolean login(@WebParam(name="username") String username, @WebParam(name="password") String password) {
| Identity.instance().setUsername(username);
| Identity.instance().setPassword(password);
| Identity.instance().login();
| return Identity.instance().isLoggedIn();
| }
|
| @WebMethod
| public boolean logout() {
| Identity.instance().logout();
| return !Identity.instance().isLoggedIn();
| }
|
| @WebMethod
| @Restrict("#{identity.loggedIn}")
| public String createTest(@WebParam(name="title") String title)
| {
| return "done";
| }
| }
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4124333#4124333
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4124333
More information about the jboss-user
mailing list