[jbossws-users] [JBossWS] - Re: JAX-WS Basic authorization?

rukus do-not-reply at jboss.com
Wed Nov 14 09:40:39 EST 2007

If you need authentication with JAX-WS:
1. Web-service
  | @SOAPBinding(style = SOAPBinding.Style.RPC) 
  | public interface IServerService {
  |     @WebMethod
  |     String status();
  | }
@WebService(name = "ServerService", serviceName = "ServerService")
  | @SOAPBinding(style = SOAPBinding.Style.RPC)
  | public class ServerService implements IServerService {
  |     @WebMethod
  |     @RolesAllowed ("testuser")
  |     public String status() {        
  |         return "It works";
  |     }
  | }
2. web.xml
<?xml version="1.0" encoding="UTF-8"?>
  | <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  |          xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
  |          version="2.4">
  |     <security-constraint>
  |     <web-resource-collection>
  |         <web-resource-name>Server service</web-resource-name>
  |         <url-pattern>/*</url-pattern>
  |         <http-method>POST</http-method>
  |       </web-resource-collection>
  |       <auth-constraint>
  |         <role-name>testuser</role-name>
  |       </auth-constraint>
  |     </security-constraint>
  |     <login-config>
  |       <auth-method>BASIC</auth-method>
  |     </login-config>
  |     <security-role>
  |     <description>Known users of the Server service</description>
  |     <role-name>testuser</role-name>
  |   </security-role>
  |    <!--               Web Services                             -->
  | <servlet>
  |         <servlet-name>ServerService</servlet-name>
  |         <servlet-class>my.ServerService</servlet-class>
  |     </servlet>
  |     <!--               Web Services Mapping                    -->
  |     <servlet-mapping>
  |         <servlet-name>ServerService</servlet-name>
  |         <url-pattern>/ServerService</url-pattern>
  |     </servlet-mapping>
  | </web-app>
3. jboss-web.xml 
  |   <security-domain>java:/jaas/test_project</security-domain>
  | </jboss-web>
- I don't exactly understand what is it means - but i think it should be
4. add users.properties and role.properties to project:
anonymous wrote : test=test
anonymous wrote : test=testuser
5. Client

  | URL wsdlLocation = new URL("");
  |         QName serviceName = new QName("http://my/", "ServerService");
  |         Service service = Service.create(wsdlLocation, serviceName);
  |         IServerService port = service.getPort(IServerService.class);
  |         BindingProvider bp = (BindingProvider) port;
  |         Map<String, Object> map = bp.getRequestContext();
  |         map.put(BindingProvider.USERNAME_PROPERTY, "test");
  |         map.put(BindingProvider.PASSWORD_PROPERTY, "test");
  |         String status = port.status();
  |         System.out.println(status);
I haven't test it but looks like i did't forget anything

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4104606#4104606

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4104606

More information about the jbossws-users mailing list