[jboss-user] [JBossWS] - Re: Secure Webservice

[sgarelle]

Hi,

I am facing exactly the same problem... So, what's the solution?

I am using JBoss_4_2_1_GA.

On client side, I also use the request context to set the user name and password:
    
  |     CmiEndPoint proxy = (CmiEndPoint) service.getPort(CmiEndPoint.class);
  |     BindingProvider bp = (BindingProvider) proxy;
  |     Map<String, Object> reqCtxt = bp.getRequestContext();
  |     reqCtxt.put(BindingProvider.USERNAME_PROPERTY, user);
  |     reqCtxt.put(BindingProvider.PASSWORD_PROPERTY, password);
  |     proxy.execCmd("Do this command");
  | 

On server side, the WebService is simply declared with the "@WebService" annotation. A security-domain is defined in jboss.xml. Users are defined.

The command failed because of an authentification failure: 
javax.xml.ws.soap.SOAPFaultException: Authentication failure
The same user/password used for a RMI client calling directly the underlying stateless session bean works. 
The same WS client with security disabled on server works.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4078883#4078883

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4078883