[Security & JAAS/JBoss] - EJB3 Endpoint Authentication Problems
by elcapitan
G'day all,
I'm trying to expose an EJB3 stateless session bean as a webservice, and I'm running into problems with authentication. If I leave all security considerations out, the bean exposes nicely, and I can interact with it using soapUI or a standalone Java client. However, when I start trying to add declarative security, things start falling over.
I have specified a security domain for the SEI, using the @SecurityDomain("myDomain") annotation. I've also modified the conf/login-config.xml file to include the following entry for this domain (I've also created the user and role files as specified):
| <application-policy name="webcrawler">
| <authentication>
| <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
| flag="required">
| <module-option name="usersProperties">props/webcrawler-users.properties</module-option>
| <module-option name="rolesProperties">props/webcrawler-roles.properties</module-option>
| <!--<module-option name="unauthenticatedIdentity">anonymous</module-option>-->
| </login-module>
| </authentication>
| </application-policy>
|
The unauthenticatedIdentity line worked as advertised, however I commented it out since I really don't want unauthenticated access.
As near as I can tell, since I'm using annotations, this should be sufficient to set up the server to authenticate access (my web methods are unchecked to keep things simple, however I'm using the getCallerPrincipal().getName() and isUserInRole() methods to test authentication).
This is where things start to get confused. I guess I have two questions:
1) Is it possible to authenticate on a per-request basis, or is it necessary to establish a login context on the client side somehow and export it to the server? The reason I ask is that I'd like to do load-testing using soapUI, which only seems to support per-request information by attaching username/password information as request headers to the SOAP message.
2) What would be the simplest way to authenticate a standalone client, not running inside an app-server? My current client-side approach involves including and compiling wstools-generated stubs, then using the following code to establish a connection:
URL url = null;
| try {
| url = new URL("http://localhost:8080/crawler/WatchListManager?wsdl");
| } catch (MalformedURLException e) {
| e.printStackTrace();
| }
| QName qname = new QName("http://servercontroller.application.server.webcrawler.thedistillery.com.a...",
| "WatchListManagerInterfaceService");
| ServiceFactory factory = null;
| Service service = null;
| try {
| factory = ServiceFactory.newInstance();
| service = factory.createService(url, qname);// create service
| } catch (ServiceException se) {
| System.out.println("Couldn't create service");
| }
|
| WatchListManagerInterface cm = null;
| try {
| cm = (WatchListManagerInterface) service.getPort(WatchListManagerInterface.class);
|
| } catch (ServiceException e1) {
| e1.printStackTrace();
| }
Apologies if I'm missing something really basic, but I've been slamming my head against a wall for days now. :) Any help would be extremely appreciated.
James
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3995174#3995174
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3995174
19 years, 4 months
[EJB 3.0] - Problems deploying to JBoss
by akhtara7
Hi,
I am having some difficulty deploying the Sun's "Converter" example to the JBoss server. (A local stateless EJB)
I am using the following code to do the lookup
HelloWorld helloWorld=null;
InitialContext ic = new InitialContext();
helloWorld= (HelloWorld) ic.lookup("conv/MyHelloWorldBean/local");
The server shows the following error
java.lang.ClassCastException: $Proxy71
I noticed the build doesnt contain and ejb-jar and was wondering whether i had missed something out from specific to jboss.
The server does show it has deployed the EJB ok,
2006-12-19 23:32:57,357 DEBUG [org.jboss.ejb3.EJB3Deployer] create, converter-ejb.jar
2006-12-19 23:32:57,367 DEBUG [org.jboss.ejb3.EJB3Deployer] Deploying: file:/C:/Program Files/jboss-4.0.5.GA/server/default/tmp/deploy/tmp57442conv.ear-contents/converter-ejb.jar
2006-12-19 23:32:57,367 DEBUG [org.jboss.system.ServiceController] Creating service jboss.j2ee:service=EJB3,module=converter-ejb.jar
2006-12-19 23:32:57,367 DEBUG [org.jboss.ejb3.Ejb3Module] Creating jboss.j2ee:service=EJB3,module=converter-ejb.jar
2006-12-19 23:32:57,367 DEBUG [org.jboss.ejb3.security.JaccHelper] Initialising JACC Context for deployment: converter-ejb.jar
2006-12-19 23:32:57,387 DEBUG [org.jboss.ejb3.Ejb3AnnotationHandler] found EJB3: ejbName=MyHelloWorldBean, class=converter.hello.MyHelloWorldBean, type=STATELESS
2006-12-19 23:32:57,387 DEBUG [org.jboss.ejb3.ProxyDeployer] no declared remote bindings for : MyHelloWorldBean
2006-12-19 23:32:57,387 INFO [org.jboss.ejb3.Ejb3Deployment] EJB3 deployment time took: 20
(I have had a look at the docs and but cant seem to find anything of help)
I am using JDK5.0 with JBoss 4.0.5GA.
Thanks in advance
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3995172#3995172
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3995172
19 years, 4 months