Hello all,
I am testing authenticated access to a web service, with a security domain of my own and
username/password taken from a mySQL database. I am using JBoss 4.0.5 and JBossWS 2.0.3,
and on my localhost I have the mySQL database from where the username and password are
taken, as well as the client.
Everything works perfectly when I have all things deployed locally (web service, database,
client). However, I run into problems when invoking the web service deployed on a remote
machine.
On the remote server console a "no route to host" error appears:
anonymous wrote :
| Caused by: com.mysql.jdbc.CommunicationsException: Communications link failure due to
underlying exception:
|
| ** BEGIN NESTED EXCEPTION **
|
| java.net.SocketException
| MESSAGE: java.net.NoRouteToHostException: No route to host
|
| STACKTRACE:
|
| java.net.SocketException: java.net.NoRouteToHostException: No route to host
| at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:156)
| at com.mysql.jdbc.MysqlIO.(MysqlIO.java:284)
|
On the client side I receive an "Unauthorized" error:
anonymous wrote : 3875 [main] DEBUG org.jboss.remoting.transport.http.HTTPClientInvoker -
Error invoking http client invoker.
| org.jboss.ws.WSException: Invalid HTTP server response [401] - Unauthorized
| at
org.jboss.ws.core.soap.SOAPMessageUnMarshaller.read(SOAPMessageUnMarshaller.java:77)
| at
org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:175)
| ...
| javax.xml.ws.WebServiceException: java.io.IOException: Could not transmit message
|
Using the default "JBossWS" security domain, with username "kermit"
and password "thefrog" taken from users.properties, works with both local and
remote deployment of my web service. So I was thinking maybe the data source is not
found?
However, the database seems to be correctly bound, judging by the server log data:
anonymous wrote : INFO [org.jboss.resource.adapter.jdbc.remote.WrapperDataSourceService]
Bound ConnectionManager 'jboss.jca:service=DataSourceBinding,name=jdbc/WSTwoDS' to
JNDI name 'java:jdbc/WSTwoDS'
Perhaps my client needs special jndi.properties settings? (pure brainstorming, potentially
stupid, based on some forum posts I browsed)
How my files look like:
Security-relevant annotations on Web Service (which is deployed as SLSB in an ear):
@org.jboss.wsf.spi.annotation.WebContext(contextRoot = "/webservices-ws",
urlPattern="/services/WSTwo/*", authMethod="BASIC",
transportGuarantee="NONE", secureWSDLAccess=false)
| @SecurityDomain("wstwo")
| @RolesAllowed("friend")
In server/default/conf/login-config.xml on the remote machine I have added the
"wstwo" application policy thus:
<application-policy name="wstwo">
| <authentication>
| <login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
| flag="required">
| <module-option
name="dsJndiName">java:/jdbc/WSTwoDS</module-option>
| <module-option name="principalsQuery">
| select pass from USERS where login=?
| </module-option>
| <module-option name="rolesQuery">
| select role,'Roles' from USER_ROLES where login=?
| </module-option>
| </login-module>
| </authentication>
| </application-policy>
And the data source for the web service is defined in the server/default/deploy/*-ds.xml
file like this:
<local-tx-datasource>
| <jndi-name>jdbc/WSTwoDS</jndi-name>
|
<connection-url>jdbc:mysql://IP_OF_MY_LOCALHOST:3306/security</connection-url>
| ...
| </local-tx-datasource>
And of course the tables as described in the application policy are defined on my local
machine.
In the client I pass the username and password:
((BindingProvider)wstwo).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"user");
| ((BindingProvider)wstwo).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"pass");
Does anyone have any idea about where I'm doing something wrong? Thank you!
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4162598#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...