[jboss-user] [JBossWS] - Securing POJO Web Service in 4.0.3 SP1

parmarsanjay do-not-reply at jboss.com
Tue Oct 10 01:16:22 EDT 2006


I have created one POJO Webservice and everything works fine but I run into issues as soon as I try to secure the Web Service. Here are the steps I am following to secure the Web Service. 

-Modified the web.xml to specify the contraints. 
==============================

<servlet-name>InfoServiceServlet</servlet-name>
<servlet-class>com.info.webservice.InfoServiceImpl</servlet-class>

<servlet-mapping>
	<servlet-name>InfoServiceServlet</servlet-name>
	<url-pattern>/InfoService</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
	<web-resource-name>Protected Area</web-esource-name>
	<url-pattern>/InfoService</url-pattern>
</web-resource-collection>
<auth-constraint>
	<role-name>InfoUser</role-name>
</auth-constraint>
</security-constraint>

- Modified the client code to pass the username/password.
==============================

((Stub) bookQuery)._setProperty(Stub.USERNAME_PROPERTY, "username");
        ((Stub) bookQuery)._setProperty(Stub.PASSWORD_PROPERTY, "password");



When I run the client, I get following errors on the client side. 

------------
HTTP transport error: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Invalid Cont
ent-Type:text/html. Is this an error message instead of a SOAP response?
        at com.sun.xml.rpc.client.http.HttpClientTransport.invoke(HttpClientTran
sport.java:148)
        at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:96)

        at com.zafe.webservice.ZafeInfoService_Stub.isServerAlive(ZafeInfoServic
e_Stub.java:276)
        at com.zafe.test.webservice.TestInfoService.testIsServerAlive(TestInfoSe
rvice.java:264)
        at com.zafe.test.webservice.TestInfoService.main(TestInfoService.java:67
)

CAUSE:
com.sun.xml.messaging.saaj.SOAPExceptionImpl: Invalid Content-Type:text/html. Is
 this an error message instead of a SOAP response?
        at com.sun.xml.messaging.saaj.soap.MessageImpl.identifyContentType(Messa
geImpl.java:581)
        at com.sun.xml.messaging.saaj.soap.MessageImpl.(MessageImpl.java:2
54)
        at com.sun.xml.messaging.saaj.soap.ver1_1.Message1_1Impl.(Message1
_1Impl.java:49)
        at com.sun.xml.messaging.saaj.soap.ver1_1.SOAPMessageFactory1_1Impl.crea
teMessage(SOAPMessageFactory1_1Impl.java:43)
        at com.sun.xml.rpc.client.http.HttpClientTransport.readResponse(HttpClie
ntTransport.java:241)
        at com.sun.xml.rpc.client.http.HttpClientTransport.invoke(HttpClientTran
sport.java:113)
        at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:96)

        at com.zafe.webservice.ZafeInfoService_Stub.isServerAlive(ZafeInfoServic
e_Stub.java:276)
        at com.zafe.test.webservice.TestInfoService.testIsServerAlive(TestInfoSe
rvice.java:264)
        at com.zafe.test.webservice.TestInfoService.main(TestInfoService.java:67
)

- I also have modified the jboss-web.xml to specify the security domain. 

Any idea why I am running into this issue? If I remove the security contraint from web.xml, everything works fine.

Cheers,
Sanjay


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3977119#3977119

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3977119



More information about the jboss-user mailing list