[jbossws-users] [JBossWS] - Trying to use jboss.xml instead of @WebContext
Markus Schulz
msc at antzsystem.de
Fri Aug 1 07:04:30 EDT 2008
Am Freitag, 1. August 2008 schrieb karypid:
> Hello,
>
> I'm trying to secure a web service with basic http authentication,
> but I want to keep all JBoss-specific configuration out of my code.
> Therefore, I need some pointers as to how to express the @WebContext
> annotation (used to specify BASIC http authentication) in the
> jboss.xml deployment descriptor.
>
> In more detail:
>
> I have my service implemented as a stateless session bean. I have
> found the following code works perfectly to require authorization,
> but uses JBoss-specific annotations (marked in bold font):
>
> @Stateless
>
> | @WebService at SecurityDomain("JBossWS")@RolesAllowed("someRole")@We
> |bContext(authMethod = "BASIC", transportGuarantee = "NONE",
> | secureWSDLAccess = false)public class MyWSBean { //...
> | }
>
> I therefore remove the @SecurityDomain and @WebContext annotations
> and added a jboss.xml deployment descriptor as follows:
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> | <jboss> <security-domain>java:/jaas/JBossWS</security-domain> <en
> |terprise-beans> <session>
> | <ejb-name>MyWSBean</ejb-name>
> | <port-component>
> | <port-component-name>MyWSBean</port-component-name> <auth-
> |method>BASIC</auth-method> </port-component> </session>
> | </enterprise-beans>
> | </jboss>
i have exactly the same problem. Only the port-component seems to be
ignored, cause changing the jndi-name inside <session> for a bean works
fine.
--
Markus Schulz
More information about the jbossws-users
mailing list