[jboss-user] [JBossWS] - Username token Profile and JAAS Authentication
do-not-reply at jboss.com
Fri Sep 22 09:19:27 EDT 2006
I finally managed to get the username token profile stuff working.
It ends up in the endpoint. But for Servlet Based Endpoints (perhaps also for ejb based endpoints) it seems that noting happens with the username and password. I had expected the JAAS Module associated with the webapp to be called but it is not. So the Principal is also not created.
I am overlooking something?
Even if only using the username token profile option of WS-Security (no message encryption or signing) still a Jboss-wsse-server.xml is needed. The current handelInbound method of WSSecurityDispatcher does not take the username into account it seems.
It would be a good idea to user / develop a suitable CallBackHandler / LoginModule to create the principle. Is any work done on this?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3973559#3973559
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3973559
More information about the jboss-user