[jboss-user] [JBossWS] - Re: Access ejb 3.0 exposed web service using https

[cboatwright]

On your first question, I'm not certain myself but am about to start looking into this myself. I imagine the client will need access to the certificate authority store much like a browser has its list of CAs.

On your second question: yes. A WAR file is created if you don't have one yourself. If you use the annotations of "@PortComponent" you can set some of the basis info there. Then a web.xml and jboss-web.xml are created for you. However, I found it best to create your own WAR with those files (in the standard WEB-INF location, of course) so you can handle security. It took me a little while to figure out that the generate WAR does not seem (and I'd love if someone knew how to do it) to generate the <security-constraint> and <login-config> nodes required for authentication. It will only generate the <servlet and <servlet-mapping> nodes. The "@PortComponent" annotation has parameters which would lead one to believe (e.g. authMethod) it would create the security nodes as well, but after many days of stuggle, I never could get it to.

Be sure you define your WAR in your EAR's META-INF/application.xml file. Otherwise, a generated WAR might still be created.

Since the "ServiceEndpointID" is nicely generated via the generated WAR, you may consider letting it generate it for you the first time and coping the web.xml and jboss-web.xml to your own project for packaging (just go to your JBOSS_HOME/server/SERVER_INSTANCE/tmp/deploy directory and look for your ear.

If you don't care about authentication then I suppose you could just go with the generated one.

I'm somewhat new to JBossWS myself, so take my advice with a gain of salt :-)

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3975931#3975931

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3975931