December 2006 - jboss-user - Jboss List Archives

[JBossWS] - Authorization failure .NET client to secured Webservices

by marcelvanvelzen

Hi, I am sorry for this posting, since I think this has been asked many many times. I have read all the related topics and tried many things, but still I cannot make my .NET client connect to my JBoss 4.0.5GA Webservices. My Visual Basic 2005 .NET client gives the error 'Authorization failed'. When I use @PermitAll it works fine. I really hope somebody can help me, since I have an idea what to do next. What have I done: 1) Specified @SecurityDomain("AthenaWS") in the Webservice and added @RolesAllowed("RegularUser") for all methods. The annotations of the class start with: @WebService (name="ApplicationEndPoint", serviceName="Application", targetNamespace = "http://address:8080/athenaserver") @SOAPBinding (style=SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL, parameterStyle = SOAPBinding.ParameterStyle.WRAPPED) @Stateless @Remote(ApplicationRemote.class) @RemoteBinding(jndiBinding = "/ejb3/ApplicationEndPoint") @SecurityDomain("AthenaWS") public class etc 2) Added the following text to JBOSS_HOME/server/default/conf/login-config.xml:  <application-policy name="AthenaWS"> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> <module-option name="usersProperties">props/athenaws-users.properties</module-option> <module-option name="rolesProperties">props/athenaws-roles.properties</module-option> <module-option name="unauthenticatedIdentity">anonymous</module-option> <module-option name="hashEncoding">base64</module-option>  </login-module> </application-policy> 3) Placed athenaws-users.properties in the JBOSS_HOME/server/default/conf/props, this has the following contents: velzm=secret 4) Placed athenaws-roles.properties in the JBOSS_HOME/server/default/conf/props, this has the following contents: velzm=RegularUser 5) Downloaded Visual Basic 2005 Express Edition and SDK 2.0. I am using InfoPath 2007 but this cannot work with JBoss secured webservices directly, only using SharePoint Server this should be possible using UDC reading the documentation. However, I don't want this additional layer, so I am trying to make a work-a-round. I am using the tool wsdl.exe to generate a Visual Basic class for the webservice. Later when this works, I want to see if it possible to generate JavaScript code and embed this in the InfoPath form, so distribution no problem. With VB I must distribute the dll, which would suck. 6) Extended the generated VB webservice class, since preAuthenticate according to the topics gives problem. The VB code is: Option Explicit On Imports System Imports System.IO Imports System.Net Imports System.Text Public Class ApplicationWS Inherits Application Private nc As NetworkCredential = Nothing Protected Overrides Function GetWebRequest(ByVal Uri As Uri) As System.Net.WebRequest Dim request As System.Net.HttpWebRequest = MyBase.GetWebRequest(Uri) If (MyBase.PreAuthenticate) Then Dim nc As System.Net.NetworkCredential = MyBase.Credentials.GetCredential(Uri, "Basic") Dim credBuf() As Byte = New System.Text.UTF8Encoding().GetBytes(nc.Domain + "\" + nc.UserName + ":" + nc.Password) If Not credBuf Is Nothing Then request.Headers("Authorization") = "Basic " + Convert.ToBase64String(credBuf) End If End If GetWebRequest = request End Function Public Overloads Function getExchanges() As String() Dim parms As New getExchanges Return MyBase.getExchanges(parms) End Function Public Sub New() MyBase.New() MyBase.PreAuthenticate = False End Sub Public Sub New(ByVal domain As String, ByVal user As String, ByVal password As String) MyBase.New() MyBase.Credentials = New NetworkCredential(user, password, domain) MyBase.PreAuthenticate = True End Sub End Class 7) Testing the stuff, by the following VB code: Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click Dim application As New ApplicationWS("AthenaWS", "velzm", "secret") Dim count As Integer Try Dim exchanges() As String = application.getExchanges() For count = 0 To exchanges.Length - 1 Console.WriteLine(exchanges(count)) Next count Console.Beep() Catch ex As Exception MsgBox("ex=" + ex.Message) End Try End Sub This results in the message 'Authorization failure'. What's wrong ? - In JBoss 4.0.5GA I don't see an annotation of validateUnauthorizedTrue, so I cannot set this to true. Question which I have, is this option still necessary to set in JBoss 4.0.5GA ? - JBOSS_HOME/server/default/logs/server.log shows the following line: 2006-12-02 09:18:20,062 DEBUG [jbossws.SOAPMessage] Incomming SOAPMessage <soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/' xmlns:xsd='http://www.w3.org/2001/XMLSchema' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'> <soap:Header/> <soap:Body> </soap:Body></soap:Envelope> Question which I have, where is the authentication header ?? I have used the debugger for overridded function GetWebRequest and this is called correctly, but is it not sending the information ? Or is it sending the information, but not showing up in the log ? I really need some suggestions, since I am stuck. Thanks in advance, Marcel van Velzen View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990739#3990739 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990739

18 years, 1 month

1
0
0 / 0

[JBoss/Spring Integration] - Re: myApp.spring deploting

by alesj

You can add the dependency to the SpringDeployer service - it's a mbean after all. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990738#3990738 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990738

18 years, 1 month

1
0
0 / 0

[Beginners Corner] - Strange!run project of visual web , error, refresh page in bro

by lcfzgb

Strange!run project of visual web ,error,refresh page in browser . ok!!! why?how to resolve it? the error is HTTP Status 404 - /thirdweb/ -------------------------------------------------------------------------------- type Status report message /thirdweb/ description The requested resource (/thirdweb/) is not available. -------------------------------------------------------------------------------- Apache Tomcat/5.5.17 View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990737#3990737 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990737

18 years, 1 month

1
0
0 / 0

[JBoss Seam] - Re: Injection at destroy time

by lowecg2004

Fair enough. I suppose that leads me to two questions: 1. is there a better way (a Seam way?) of handling my case where I have to write something to the DB at session timeout? 2. or is it okay both for me to use Component.getInstance() in this case? Thanks for your response. Chris. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990736#3990736 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990736

18 years, 1 month

1
0
0 / 0

[JBoss Seam] - Re: Seam generate-entities failing

by Azavia

Oh, just got this: Error - /CommentEdit.xhtml: Bean: com.azavia.blog.User_$$_javassist_5, property: id | An Error Occurred: | /CommentEdit.xhtml: Bean: com.azavia.blog.User_$$_javassist_5, property: id | - Stack Trace | javax.el.ELException: /CommentEdit.xhtml: Bean: com.azavia.blog.User_$$_javassist_5, property: id | at com.sun.facelets.compiler.TextInstruction.write(TextInstruction.java:48) | at com.sun.facelets.compiler.UIInstructions.encodeBegin(UIInstructions.java:39) | at org.apache.myfaces.shared_impl.renderkit.RendererUtils.renderChild(RendererUtils.java:433) | at org.apache.myfaces.shared_impl.renderkit.RendererUtils.renderChildren(RendererUtils.java:419) | at org.apache.myfaces.shared_impl.renderkit.RendererUtils.renderChild(RendererUtils.java:440) | at org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.renderColumnBody(HtmlTableRendererBase.java:332) | at org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.encodeColumnChild(HtmlTableRendererBase.java:301) | at org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.encodeInnerHtml(HtmlTableRendererBase.java:277) | at org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.encodeChildren(HtmlTableRendererBase.java:123) | at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:524) | at com.sun.facelets.tag.jsf.ComponentSupport.encodeRecursive(ComponentSupport.java:234) | at com.sun.facelets.tag.jsf.ComponentSupport.encodeRecursive(ComponentSupport.java:239) | at com.sun.facelets.FaceletViewHandler.renderView(FaceletViewHandler.java:580) | at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:384) | at javax.faces.webapp.FacesServlet.service(FacesServlet.java:138) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.seam.servlet.SeamRedirectFilter.doFilter(SeamRedirectFilter.java:32) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.seam.servlet.SeamExceptionFilter.doFilter(SeamExceptionFilter.java:46) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) | at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) | at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) | at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) | at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) | at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) | at java.lang.Thread.run(Thread.java:619) | + Component Tree | + Scoped Variables | Dec 2, 2006 4:36:55 AM - Generated by Facelets View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990735#3990735 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990735

18 years, 1 month

1
0
0 / 0

[JBoss Seam] - Re: Seam generate-entities failing

by Azavia

Whoops, you're right. OK, just a few things then. I noticed that Seam assume syou're using the default configuration, and doesn't allow you to specify otherwise unless you do a mass search-replace. Everything else is looking great. Only thing is that it'd be nice if the generator would detect auto-incrementing columns, and not create a field for those, since one is usually not going to want to manually enter a value for that. Anyway, thanks for the help. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990734#3990734 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990734

18 years, 1 month

1
0
0 / 0

[Installation, Configuration & Deployment] - Re: Permission Issue

by genman

I've always got it to work by having jboss and the application entirely installed under a regular user/group NOT as root. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990732#3990732 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990732

18 years, 1 month

1
0
0 / 0

[JBoss Seam] - Re: Seam generate-entities failing

by gavin.king＠jboss.com

You are wrong. It is definitely fixed by CR2. Delete the generated code and regenerate using CR2. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990731#3990731 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990731

18 years, 1 month

1
0
0 / 0

[JBoss Seam] - Re: Excessive [could not destroy component] 1.1B1 to 1.1CR1

by gavin.king＠jboss.com

OK, thanks, that was a really subtle interaction between session context destruction and ManagedEntityIdentityInterceptor. Fixed now in CVS. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990730#3990730 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990730

18 years, 1 month

1
0
0 / 0

[JBoss Seam] - Re: Seam generate-entities failing

by Azavia

Hi, Unfortunately, that did not resolve the issue: Error - Error Parsing /ArticleEdit.xhtml: Error Traced[line: 135] The element type "s:button" must be terminated by the matching end-tag "</s:button>". | An Error Occurred: | Error Parsing /ArticleEdit.xhtml: Error Traced[line: 135] The element type "s:button" must be terminated by the matching end-tag "</s:button>". | - Stack Trace | com.sun.facelets.FaceletException: Error Parsing /ArticleEdit.xhtml: Error Traced[line: 135] The element type "s:button" must be terminated by the matching | end-tag "</s:button>". | at com.sun.facelets.compiler.SAXCompiler.doCompile(SAXCompiler.java:234) | at com.sun.facelets.compiler.Compiler.compile(Compiler.java:104) | at com.sun.facelets.impl.DefaultFaceletFactory.createFacelet(DefaultFaceletFactory.java:192) | at com.sun.facelets.impl.DefaultFaceletFactory.getFacelet(DefaultFaceletFactory.java:141) | at com.sun.facelets.impl.DefaultFaceletFactory.getFacelet(DefaultFaceletFactory.java:93) | at com.sun.facelets.FaceletViewHandler.buildView(FaceletViewHandler.java:503) | at com.sun.facelets.FaceletViewHandler.renderView(FaceletViewHandler.java:553) | at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:384) | at javax.faces.webapp.FacesServlet.service(FacesServlet.java:138) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.seam.servlet.SeamRedirectFilter.doFilter(SeamRedirectFilter.java:32) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.seam.servlet.SeamExceptionFilter.doFilter(SeamExceptionFilter.java:46) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) | at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) | at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) | at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) | at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) | at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) | at java.lang.Thread.run(Thread.java:619) | + Component Tree | + Scoped Variables | Dec 2, 2006 3:21:10 AM - Generated by Facelets view/ArticleEdit.xhtml, lines 130-136: <div class="actionButtons"> | <s:button id="addcomment" value="Add comment" | view="/CommentEdit.xhtml" propagation="begin"> | <f:param name="articleId" | value="#{articleHome.instance.id}"/> | </s:link> | </div> | Obviously this is easily resolved, but it is obviously a bug. Further, I get this error when trying to create a comment: Error - /CommentEdit.xhtml: Bean: com.azavia.blog.User, property: id | An Error Occurred: | /CommentEdit.xhtml: Bean: com.azavia.blog.User, property: id | - Stack Trace | javax.el.ELException: /CommentEdit.xhtml: Bean: com.azavia.blog.User, property: id | at com.sun.facelets.compiler.TextInstruction.write(TextInstruction.java:48) | at com.sun.facelets.compiler.UIInstructions.encodeBegin(UIInstructions.java:39) | at org.apache.myfaces.shared_impl.renderkit.RendererUtils.renderChild(RendererUtils.java:433) | at org.apache.myfaces.shared_impl.renderkit.RendererUtils.renderChildren(RendererUtils.java:419) | at org.apache.myfaces.shared_impl.renderkit.RendererUtils.renderChild(RendererUtils.java:440) | at org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.renderColumnBody(HtmlTableRendererBase.java:332) | at org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.encodeColumnChild(HtmlTableRendererBase.java:301) | at org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.encodeInnerHtml(HtmlTableRendererBase.java:277) | at org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.encodeChildren(HtmlTableRendererBase.java:123) | at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:524) | at com.sun.facelets.tag.jsf.ComponentSupport.encodeRecursive(ComponentSupport.java:234) | at com.sun.facelets.tag.jsf.ComponentSupport.encodeRecursive(ComponentSupport.java:239) | at com.sun.facelets.FaceletViewHandler.renderView(FaceletViewHandler.java:580) | at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:384) | at javax.faces.webapp.FacesServlet.service(FacesServlet.java:138) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.seam.servlet.SeamRedirectFilter.doFilter(SeamRedirectFilter.java:32) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.seam.servlet.SeamExceptionFilter.doFilter(SeamExceptionFilter.java:46) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) | at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) | at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) | at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) | at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) | at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) | at java.lang.Thread.run(Thread.java:619) | + Component Tree | + Scoped Variables | Dec 2, 2006 3:24:30 AM - Generated by Facelets I don't know if this is it, but in CommentEdit.xhtml, there is: <h:column> | <f:facet name="header">user username</f:facet> | #{article.user.id} | </h:column> | Is ID required for every table? It seems to be recognizing my primary key just fine everywhere else. Thanks for the replies. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990729#3990729 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990729

18 years, 1 month

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-user December 2006