[jbossws-issues] [JBoss JIRA] (JBWS-3700) Unable to Check Roles in One-Way Operations
Jim Ma (JIRA)
jira-events at lists.jboss.org
Tue Sep 10 02:38:03 EDT 2013
[ https://issues.jboss.org/browse/JBWS-3700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12802951#comment-12802951 ]
Jim Ma edited comment on JBWS-3700 at 9/10/13 2:37 AM:
-------------------------------------------------------
can you please try to configure the security constraint to servlet like the follow example to see if it works ?
{code}
<servlet>
<servlet-name>HelloImpl</servlet-name>
<servlet-class>org.jboss.test.ws.jaxws.jbws2307.HelloImpl</servlet-class>
<load-on-startup>0</load-on-startup>
<security-role-ref>
<role-name>FRN</role-name>
<role-link>friend</role-link>
</security-role-ref>
</servlet>
<servlet-mapping>
<servlet-name>HelloImpl</servlet-name>
<url-pattern>/jaxws/Hello</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>54</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>WSHelloSecureService</web-resource-name>
<url-pattern>/jaxws/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>friend</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<role-name>friend</role-name>
</security-role>
{code}
was (Author: jim.ma):
can you please configure the security constraint to servlet like the follow example to see if it works ?
{code}
<servlet>
<servlet-name>HelloImpl</servlet-name>
<servlet-class>org.jboss.test.ws.jaxws.jbws2307.HelloImpl</servlet-class>
<load-on-startup>0</load-on-startup>
<security-role-ref>
<role-name>FRN</role-name>
<role-link>friend</role-link>
</security-role-ref>
</servlet>
<servlet-mapping>
<servlet-name>HelloImpl</servlet-name>
<url-pattern>/jaxws/Hello</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>54</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>WSHelloSecureService</web-resource-name>
<url-pattern>/jaxws/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>friend</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<role-name>friend</role-name>
</security-role>
{code}
> Unable to Check Roles in One-Way Operations
> -------------------------------------------
>
> Key: JBWS-3700
> URL: https://issues.jboss.org/browse/JBWS-3700
> Project: JBoss Web Services
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: jbossws-cxf
> Affects Versions: jbossws-cxf-4.1.3
> Environment: All supported environments.
> Reporter: Fernando Ribeiro
> Assignee: Jim Ma
> Fix For: jbossws-cxf-4.3
>
> Attachments: jaxwssample-1.0.war
>
>
> In any calls to one-way operations, the isUserInRole doesn't work as expected.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jbossws-issues
mailing list