[jboss-user] [JBossWS] - Basic Authentication with WSSecureEndpoint on JBoss 4.2.2GA

ejb3workshop do-not-reply at jboss.com
Wed Oct 24 07:23:06 EDT 2007 

I want to use Username Tokens to authenticate with a webservice provided by a Session Bean as shows:

@Stateless
  | @WebService
  | @EndpointConfig(configName="Standard WSSecurity Endpoint")
  | @SecurityDomain("java:/jaas/THZone")
  | @RolesAllowed("friend")
  | @SOAPBinding(style=SOAPBinding.Style.DOCUMENT,
  |              use=SOAPBinding.Use.LITERAL,
  |              parameterStyle=SOAPBinding.ParameterStyle.BARE)

I searched the forum and found several references to :

http://wiki.jboss.org/wiki/Wiki.jsp?page=WSSecureEndpoint

which points to the user guide. 

I configured the login module in conf/login-config.xml to use a properties file to test the configuration. However when I try to access the principal I get a null back. Since added the RolesAllowed annotation the service fails with : 

anonymous wrote : 
  | 11:46:07,984 ERROR [RoleBasedAuthorizationInterceptor] Insufficient permissions, principal=null, requiredRoles=[friend], principalRoles=[]
  | 11:46:07,984 ERROR [SOAPFaultHelperJAXWS] SOAP request exception
  | javax.ejb.EJBAccessException: Authorization failure
  |         at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:120)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:77)
  |         at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:110)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.wsf.container.jboss42.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:103)
  |         at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:220)
  |         at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:408)
  |         at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:272)
  |         at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:189)
  |         at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:122)
  |         at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
  |         at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
  |         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
  |         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  |         at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  |         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
  |         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  |         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
  |         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
  |         at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
  |         at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
  |         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
  |         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
  |         at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
  |         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  |         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
  |         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
  |         at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
  |         at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
  |         at java.lang.Thread.run(Thread.java:619)
  | 

It seems that I am just missing the right configuration. Any pointers on what to configure would help me a great deal.

Tx
Alex


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4098251#4098251

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4098251

More information about the jboss-user mailing list