[JBossWS] - EJB3 SessionBean endpoint and security
by cboatwright
I recently [finally] had time to upgrade to Eclipse 3.2 and JBoss 4.0.4 and ejb3 and am prototyping out some Web Services using the "181" way. I did the "HelloWorld" example in the Wiki (http://wiki.jboss.org/wiki/Wiki.jsp?page=JBWS181HelloWorld) and got things working very quickly.
I then saw many examples about how to create an endpoint out of a EJB3 session bean. Again, very easy. Very nice.
However, when I searched for how to setup security, I've run into problems. I added the @SecurityDomain and so forth, but cannot get it to secure and/or a client to authenticate.
My goal is simply: create a Web Service that a client can call with a username and password that the JBoss JAAS container can handle. It appears that this can be done, but I must be missing something simple. I appears you add the "@PortComponent" and "@SecurityDomain" and "@RolesAllowed" annotations and pass in the valid information.
When a client access the Web Service it get an authentication error even though I think I'm passing in the correct username/password. I'm using the defaults (kermit/thefrog in the role "friend").
The EJB3 Stateless Session Bean endpoint:
| package com.buildlinks.ejb;
|
| import java.rmi.RemoteException;
| import java.security.Identity;
| import java.security.Principal;
|
| import javax.annotation.Resource;
| import javax.annotation.security.RolesAllowed;
| import javax.ejb.EJB;
| import javax.ejb.SessionContext;
| import javax.ejb.Stateless;
| import javax.jws.WebMethod;
| import javax.jws.WebService;
| import javax.jws.soap.SOAPBinding;
| import javax.naming.Context;
| import javax.naming.InitialContext;
| import javax.naming.NamingException;
| import javax.persistence.Transient;
|
| import org.jboss.annotation.security.SecurityDomain;
| import org.jboss.ws.annotation.PortComponent;
|
| @EJB(name="HelloWorldBean", description="", beanInterface=com.buildlinks.ejb.HelloWorld.class, beanName="HelloWorldBean")
| @WebService(name="HelloWorld")
| @SOAPBinding(style = SOAPBinding.Style.RPC)
| @PortComponent(authMethod="BASIC", transportGuarantee="NONE", urlPattern="/*", contextRoot="/BuildLinksEjb3")
| @SecurityDomain("JBossWS")
| @RolesAllowed("friend")
|
| /**
| * @author cboatwright
| */
| public @Stateless class HelloWorldBean implements HelloWorld
| {
| @Resource
| @Transient
| SessionContext ctx;
|
| public HelloWorldBean()
| {
| System.out.println("HelloWorldBean created");
| }
|
| @WebMethod
| public String echoString(String str1, String str2) throws RemoteException
| {
| System.out.println("str=" + str1 + ", str2=" + str2);
|
| if (ctx != null)
| {
| Principal caller = ctx.getCallerPrincipal();
| Identity identity = ctx.getCallerIdentity();
| System.out.println("isCallerInRole(friend)=" + ctx.isCallerInRole("friend"));
| System.out.println("caller=" + caller);
| System.out.println("identity=" + identity);
| }
|
| return "Thanks you for sending [" + str1 + "] and [" + str2 + "]";
| }
| }
|
The calling client:
| package com.buildlinks.client;
|
| import java.net.URL;
| import java.util.Properties;
|
| import javax.xml.namespace.QName;
| import javax.xml.rpc.Service;
| import javax.xml.rpc.ServiceFactory;
| import javax.xml.rpc.Stub;
|
| import org.jboss.ws.jaxrpc.ServiceFactoryImpl;
| import org.jboss.ws.jaxrpc.StubExt;
|
| import com.buildlinks.ejb.HelloWorld;
|
| public class WsClientTest
| {
| public static void main(String[] args)
| {
| try
| {
| // http://java.sun.com/j2se/1.4.2/docs/guide/net/properties.html
| Properties systemSettings = System.getProperties();
| systemSettings.put("http.basic.username", "kermit");
| systemSettings.put("http.basic.password", "thefrog");
| // systemSettings.put("http.proxyHost", "localhost");
| // systemSettings.put("http.proxyPort", "8888");
| // systemSettings.put("http.nonProxyHosts", "");
| // systemSettings.put("http.proxyUserName",username);
| // systemSettings.put("http.proxyPassword",password);
| System.setProperties(systemSettings);
|
| URL url = new URL("http://localhost/BuildLinksEjb3/HelloWorldBean?wsdl");
| QName qname = new QName("http://ejb.buildlinks.com/jaws", "HelloWorldBeanService");
|
| ServiceFactory factory = ServiceFactoryImpl.newInstance();
| Service service = factory.createService(url, qname);
|
| HelloWorld webServiceProxy = (HelloWorld)service.getPort(HelloWorld.class);
| ((Stub)webServiceProxy)._setProperty(StubExt.USERNAME_PROPERTY, "kermit");
| ((Stub)webServiceProxy)._setProperty(StubExt.PASSWORD_PROPERTY, "thefrog");
|
| System.out.println("Before");
| String rv = webServiceProxy.echoString("Colin", "Boatwright");
| System.out.println("After");
|
| System.out.println("rv=" + rv);
|
| }
| catch (Exception e)
| {
| e.printStackTrace(System.err);
| }
| }
| }
|
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3973462#3973462
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3973462
19 years, 7 months
[JBoss jBPM] - Complex business process orchestration
by isterin
So we're faced with a bit of a dilemma and I'm wonderinf if someone can shed some light.
We plan on using jBPM in our workflow applications. The overall busienss process for the application is a bit complex.
So we are going to have multiple levels of subprocesses (my understanding is that jBPM supports that). So without actually providing a BPEL and/or JPDL file here, I'm going to demonstrate a part of it using pseudo...
<process>
| <subprocess1>
| <subprocess1.1>
| <task1/>
| <task2/>
| </subprocess1.1>
| </subprocess1>
| <subprocess2>
| <subprocess2.1>
| <task1/>
| <task2/>
| </subprocess2.1>
| </subprocess2>
| <process>
Ok, so with that in mind, say subprocess1 and subprocess2 are sequential (flow in BPEL). (We don't care whether we orchestrate this in JPDL and/or BPEL, as long as it does the job). The tasks are flows as well. So basically some subprocesses will be sequention, some not.
The issue is that once say subprocess1->subprocess1.1->task1 is completed, it's marked complete. Say the task is filling out some form. After task2 is completed, the subprocess1.1 is closed. We need a way to at any given point and time redo task1, basically from a web app perspective, the customer needs to be able to edit a form. We also thought about not closing certain subprocesses, but the sequential ones must be closed, therefore the issue is how do we model a business process (and if it can even be done), that will allow us to peform various tasks from processes that are already closed.
Do we define tasks within the main process that are basically random flow tasks that can be performed in parallel to any subprocesses? Or is there some other way of doing this?
Thanks.
Ilya Sterin
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3973459#3973459
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3973459
19 years, 7 months