[jboss-user] [JBossWS] - Authorization Failure using secure end point

mendaye do-not-reply at jboss.com
Fri Nov 30 08:26:15 EST 2007 

Hello All:

I follow the user guide on JBOSSWS2.0.GA to create basic authentication for the web services created using secure EJB3.0 end-point. However, I am getting authorization error when the consumer request the service. 
Can some one help me to resolve this issue? Below is consumer, statless EJB, service end-point interface and exception thrown...

Consumer Code:

  | import java.net.URL;
  | import java.util.ArrayList;
  | import java.util.Vector;
  | import java.util.HashMap;
  | 
  | import javax.xml.namespace.QName;
  | import javax.xml.ws.Service;
  | import javax.xml.ws.BindingProvider;
  | 
  | import com.panduit.acmnms.db.Device;
  | import com.panduit.acmnms.db.DeviceType;
  | import com.panduit.pvng.service.api.db.interfaces.PVNGDeviceEndPoint;
  | import com.panduit.pvng.service.api.db.ejb.TestDeviceBean;
  | import com.panduit.acmnms.beans.*;
  | 
  | 
  | public class WsClientTest {
  | 	
  | 	
  | 	static void printDeviceObj(DeviceTypeObject devTypeObj){
  | 		System.out.println("----------------------------------------------------");
  | 		System.out.println("deviceType = "+ devTypeObj.getDeviceType());
  | 	    System.out.println("deviceType = "+ devTypeObj.getDescription());
  | 		System.out.println("deviceType = "+ devTypeObj.getNumberPorts());
  | 	    System.out.println("deviceType = "+ devTypeObj.getNumRackSpaces());
  | 		System.out.println("deviceType = "+ devTypeObj.getVendorId());
  | 	    System.out.println("deviceType = "+ devTypeObj.getIconFilePath());
  | 		System.out.println("deviceType = "+ devTypeObj.getIsactive());
  | 	    System.out.println("deviceType = "+ devTypeObj.getIsdualPort());
  | 		System.out.println("deviceType = "+ devTypeObj.getDeviceCategoryDesc());
  | 	    System.out.println("deviceType = "+ devTypeObj.getIsSwitchType());
  | 		System.out.println("deviceType = "+ devTypeObj.getPartNumber());
  | 	    System.out.println("deviceType = "+ devTypeObj.getPortGroupCount());
  | 	    System.out.println("----------------------------------------------------");
  | 		
  | 	}
  | 
  | 	/**
  | 	 * @param args
  | 	 */
  | 	public static void main(String[] args) throws Exception {
  | 		// TODO Auto-generated method stub
  | 	      //URL url = new URL("http://localhost:8080/api-service-1/PVNGDevice?wsdl");
  | 	      URL url = new URL("http://127.0.0.1:8080/pvng-api-service-1.0/TestDeviceBean?wsdl");
  | 	      QName qname = new QName("http://api.service.pvng.panduit.com/deviceaccess", "DeviceService");
  |           Service service = Service.create(url, qname);
  |        
  | 
  | 	      PVNGDeviceEndPoint deviceEndPoint = (PVNGDeviceEndPoint) service.getPort(PVNGDeviceEndPoint.class);
  |           //This was added to support basic Authentications
  | 	      BindingProvider bp = (BindingProvider)deviceEndPoint;
  |           bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "kermit");
  |           bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "thefrog");
  | 
  |            DeviceTypeObject deviceTypObj = (DeviceTypeObject) deviceEndPoint.getSingleDeviceType(1);
  | 	      if( deviceTypObj != null ){
  | 	    	  System.out.println(" ***** Device Type when ID is 1");
  | 	    	  WsClientTest.printDeviceObj( deviceTypObj);
  | 	      }
  | 	      
  | 
  |           ArrayList deviceWsObjs = deviceEndPoint.getAllExistingDeviceTypes();
  | 	      if( deviceWsObjs != null && deviceWsObjs.size() > 0){
  | 	    	  System.out.println("****** All Device Type data");
  | 	    	  for( int i = 0; i < deviceWsObjs.size(); i++ ){
  | 	    		  WsClientTest.printDeviceObj((DeviceTypeObject)deviceWsObjs.get(i));
  | 	    	  }
  | 	      }
  | 	}
  | }
  | 
  | 
  | 

EJB service end point code:


  | 
  | package com.panduit.pvng.service.api.db.ejb;
  | import java.util.ArrayList;
  | 
  | import com.panduit.acmnms.beans.DeviceTypeObject;
  | import com.panduit.acmnms.db.Device;
  | import com.panduit.acmnms.db.DeviceType;
  | import com.panduit.pvng.service.api.db.dao.PVNGAPIDeviceDAO;
  | import com.panduit.pvng.service.api.db.interfaces.TestDevice;
  | import com.panduit.pvng.service.exception.PVNGAPIException;
  | 
  | import javax.annotation.Resource;
  | import javax.annotation.security.DeclareRoles;
  | import javax.annotation.security.RolesAllowed;
  | import javax.annotation.security.DeclareRoles;
  | import javax.ejb.Remote;
  | import javax.ejb.Stateless;
  | import javax.jws.WebParam;
  | import javax.jws.WebService;
  | import javax.jws.WebMethod;
  | import javax.jws.soap.SOAPBinding;
  | import javax.xml.ws.WebServiceContext;
  | 
  | import org.jboss.annotation.ejb.RemoteBinding;
  | import org.jboss.annotation.security.SecurityDomain;
  | 
  | @Stateless
  | @SecurityDomain("JBossWS")
  | //@DeclareRoles("friend")
  | @RolesAllowed("friend")
  | @Remote(TestDevice.class)
  | @RemoteBinding(jndiBinding="ejb3/TestDevice")
  | @WebService(name = "PVNGDeviceEndPoint", targetNamespace = "http://api.service.pvng.panduit.com/deviceaccess", serviceName = "DeviceService")
  | @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL)
  | public class TestDeviceBean implements TestDevice{
  | 	
  | 
  | 	@WebMethod(operationName = "getAllExistingDeviceTypes")
  | 	public ArrayList <DeviceTypeObject> getAllDevicesTypes() throws PVNGAPIException{
  | 	 	 PVNGAPIDeviceDAO loPVNGAPIDeviceDAO = new PVNGAPIDeviceDAO();
  | 	     // call the business method in DAO class
  | 	     ArrayList <DeviceTypeObject>lalPortInfo = loPVNGAPIDeviceDAO.getAllDeviceTypes();
  | 	     // Return the information back to the calling program
  | 	     return lalPortInfo;		
  | 	}
  | 
  | 
  | 	@WebMethod(operationName = "getSingleDeviceType")
  | 	public DeviceTypeObject getDeviceType(@WebParam (name="DeviceTypeID") int deviceTypeId) throws PVNGAPIException{
  |     	PVNGAPIDeviceDAO loPVNGAPIDeviceDAO = new PVNGAPIDeviceDAO();
  | 	    // call the business method in DAO class
  |     	DeviceTypeObject deviceTypeObj =  loPVNGAPIDeviceDAO.getDeviceTypeById(deviceTypeId);
  | 	    // Return the information back to the calling program
  | System.out.println(" **** EJB Called and ArrayList for Device  Type name :"+ deviceTypeObj.getDescription());
  |     	    return deviceTypeObj; 
  | 	}	
  | }
  | 
  | 

Service End Point Interface:


  | package com.panduit.pvng.service.api.db.interfaces;
  | 
  | import java.rmi.Remote;
  | import java.rmi.RemoteException;
  | import java.util.ArrayList;
  | 
  | import javax.jws.WebMethod;
  | import javax.jws.WebParam;
  | import javax.jws.WebService;
  | import javax.jws.soap.SOAPBinding;
  | 
  | import com.panduit.acmnms.beans.DeviceTypeObject;
  | import com.panduit.pvng.service.exception.PVNGAPIException;
  | 
  | @WebService(name = "PVNGDeviceEndPoint", targetNamespace = "http://api.service.pvng.panduit.com/deviceaccess", serviceName = "DeviceService")
  | @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL)
  | 
  | public interface PVNGDeviceEndPoint extends Remote {
  | 	@WebMethod(operationName = "getSingleDeviceType")
  | 	public DeviceTypeObject getSingleDeviceType(@WebParam (name="DeviceTypeID", partName="DeviceTypeID") int deviceTypeId) throws RemoteException, PVNGAPIException;
  | 	//public ArrayList<DeviceTypeObject> getAllDevicesTypes() throws PVNGAPIException;
  | 	@WebMethod(operationName = "getAllExistingDeviceTypes")
  | 	public ArrayList<DeviceTypeObject> getAllExistingDeviceTypes() throws RemoteException, PVNGAPIException;
  | }
  | 
  | 

Here is the exception thrown when consumer request the service. 


  |      [java] DEBUG [main] (MessageContextAssociation.java:75) - popMessageContext
  | : org.jboss.ws.core.jaxws.handler.SOAPMessageContextJAXWS at 17918f0 (Thread main)
  |      [java] Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Aut
  | horization failure
  |      [java]     at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultExce
  | ption(SOAPFaultHelperJAXWS.java:69)
  |      [java]     at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFault
  | Exception(SOAP11BindingJAXWS.java:109)
  |      [java]     at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(Com
  | monSOAPBinding.java:553)
  |      [java]     at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:371)
  |      [java]     at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.j
  | ava:243)
  |      [java]     at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy
  | .java:164)
  |      [java]     at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy
  | .java:150)
  |      [java]     at $Proxy13.getSingleDeviceType(Unknown Source)
  |      [java]     at ejb.WsClientTest.main(WsClientTest.java:70)
  |      [java] Java Result: 1
  | 

I checked security data for JBossWS in login-config.xml, jbossws-user.properties and jbossws-role.properties. I don't see any problem, all of them are correct. I am not sure what is going on here... Help Help..

Thanks,
Surafel

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4109303#4109303

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4109303

More information about the jboss-user mailing list