[jboss-user] [JBossWS] - Basic Authentication with WSSecureEndpoint on JBoss 4.2.2GA
ejb3workshop
do-not-reply at jboss.com
Wed Oct 24 07:23:06 EDT 2007
I want to use Username Tokens to authenticate with a webservice provided by a Session Bean as shows:
@Stateless
| @WebService
| @EndpointConfig(configName="Standard WSSecurity Endpoint")
| @SecurityDomain("java:/jaas/THZone")
| @RolesAllowed("friend")
| @SOAPBinding(style=SOAPBinding.Style.DOCUMENT,
| use=SOAPBinding.Use.LITERAL,
| parameterStyle=SOAPBinding.ParameterStyle.BARE)
I searched the forum and found several references to :
http://wiki.jboss.org/wiki/Wiki.jsp?page=WSSecureEndpoint
which points to the user guide.
I configured the login module in conf/login-config.xml to use a properties file to test the configuration. However when I try to access the principal I get a null back. Since added the RolesAllowed annotation the service fails with :
anonymous wrote :
| 11:46:07,984 ERROR [RoleBasedAuthorizationInterceptor] Insufficient permissions, principal=null, requiredRoles=[friend], principalRoles=[]
| 11:46:07,984 ERROR [SOAPFaultHelperJAXWS] SOAP request exception
| javax.ejb.EJBAccessException: Authorization failure
| at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:120)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:77)
| at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:110)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.wsf.container.jboss42.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:103)
| at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:220)
| at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:408)
| at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:272)
| at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:189)
| at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:122)
| at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
| at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
| at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
| at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
| at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
| at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
| at java.lang.Thread.run(Thread.java:619)
|
It seems that I am just missing the right configuration. Any pointers on what to configure would help me a great deal.
Tx
Alex
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4098251#4098251
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4098251
More information about the jboss-user
mailing list