[jboss-user] [JBossWS] - User authorization in Web Service
ike
do-not-reply at jboss.com
Fri Jul 27 03:48:54 EDT 2007
How to setup user authentication in a web service? I have something like:
@Stateless
@WebService(endpointInterface="com.m1.sample.core.IRoleMgrWebService")
@SecurityDomain("mydomain")
public class RoleMgrEjbWeb implements IRoleMgrWebService {
...
@AllowedRoles("role")
public void doSomething() {...}
}
The client is like that:
URL url = new URL("http://127.0.0.1:8080/RoleMgrEjbWebService/RoleMgrEjbWeb?wsdl");
QName qname = new QName("http://core.sample.m1.com/", "RoleMgrEjbWebService");
ServiceFactory factory = ServiceFactory.newInstance();
Service service = factory.createService(url, qname);
IRoleMgrWebService ws = (IRoleMgrWebService) service.getPort(IRoleMgrWebService.class);
ws.doSomething();
What should I write to pass user's credentials? I tried something like:
URL url = Thread.currentThread().getContextClassLoader().getResource("auth.conf");
System.setProperty("java.security.auth.login.config", url.toString());
javax.security.auth.login.LoginContext lh = new javax.security.auth.login.LoginContext("aloe",
new AloeLoginHandler("ike", "1"));
lh.login();
But that works only if I call EJB's not service.
Btw, is there any documentation about authentication and authorization in jboss web services?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4068118#4068118
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4068118
More information about the jboss-user
mailing list