[jboss-user] [JBoss Web Services] - WS Authentication with postgre sql DB

Stefano Ficcadenti do-not-reply at jboss.com
Mon Jun 7 12:23:10 EDT 2010


Stefano Ficcadenti [http://community.jboss.org/people/Samb1985] created the discussion

"WS Authentication with postgre sql DB"

To view the discussion, visit: http://community.jboss.org/message/546520#546520

--------------------------------------------------------------
I'm trying to implement ws security authentication on a Web Service deployed on JBoss 5.1

Username, password and roles are stored in a Postgre sql database (Tables: Users(username,password), UserRoles(username,roles)).

So I start with a simple Web Service and it's client without any security.
Then I insert on login-config.xml the follow entry:

<application-policy name="TestSecurity">
    <authentication>
      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
        flag="required">
        <module-option name="dsJndiName">java:/TestWSSecurityDS</module-option>
        <module-option name="principalsQuery">select passwd from "public"."Users" where username = ? </module-option>
        <module-option name="rolesQuery">select userroles AS Roles from "public"."UserRoles" where username = ?  </module-option>
      </login-module>
    </authentication>
  </application-policy>

On Web Service web.xml:

<security-constraint>
     <web-resource-collection>
         <web-resource-name> TestWs </web-resource-name>
         <url-pattern>/TestWs</url-pattern>
         <http-method>POST</http-method>
     </web-resource-collection>
     <auth-constraint>
         <role-name>admin</role-name>
     </auth-constraint>
 </security-constraint>
 <login-config>
     <auth-method>BASIC</auth-method>
    <realm-name>TestSecurity</realm-name>
 </login-config>
 <security-role>
     <role-name>admin</role-name>
 </security-role>

On Web Service jboss-web.xml

<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
     <security-domain>java:/jaas/TestSecurity</security-domain>
</jboss-web>

On client I use BindingProvider to set username and password of an admin user.

But when I run the client it don't work and throw: com.sun.xml.ws.client.ClientTransportException: request requires HTTP authentication: Unauthorized

Why ? Where is the problem ?

--------------------------------------------------------------

Reply to this message by going to Community
[http://community.jboss.org/message/546520#546520]

Start a new discussion in JBoss Web Services at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20100607/71ef9591/attachment.html 


More information about the jboss-user mailing list