You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@geronimo.apache.org by Faw <fa...@gmail.com> on 2010/09/10 16:08:44 UTC
Re: Secure WebService with BASIC Authentication
Ivan Xu wrote:
>
> There is a test case for ejb security web service sample, please refer to
> https://svn.apache.org/repos/asf/geronimo/server/branches/2.2/testsuite/webservices-testsuite/jaxws-tests/jaxws-ejb-sec
>
> Ivan
>
I was able to create a secure webservice using the sample. Thanks for the
help. The only problem I have now is that it is securing every method, the
"http-method" items aren't working. I wanted the WSDL visible (GET) while
keeping the actual requests (POST) secured. Is not really that big of a
deal, just an annoyance. This is my config:
<ejb:web-service-security>
<ejb:security-realm-name>geronimo-admin</ejb:security-realm-name>
<ejb:transport-guarantee>NONE</ejb:transport-guarantee>
<ejb:auth-method>BASIC</ejb:auth-method>
<ejb:http-method>POST</ejb:http-method>
<ejb:http-method>PUT</ejb:http-method>
</ejb:web-service-security>
--
View this message in context: http://apache-geronimo.328035.n3.nabble.com/Secure-WebService-with-BASIC-Authentication-tp1354513p1452593.html
Sent from the Users mailing list archive at Nabble.com.
Re: Secure WebService with BASIC Authentication
Posted by Faw <fa...@gmail.com>.
Ivan Xu wrote:
>
>
> which version and assembly do you use ? Geronimo 2.2 Tomcat ?
>
> 2010/9/11 Faw <fa...@gmail.com>
>
> --
> Ivan
>
>
I'm using geronimo-jetty 2.2. Tested on geronimo-tomcat 2.2 it deploys but
it throws 3 errors (errors at the end of this message). So there is a
problem somewhere, could be my config, jetty, or tomcat just want to know
who to blame. I just started with geronimo, so I think it might be my
config.
Here is the test service I made: http://www.megaupload.com/?d=4KSTASG4
Here is the eclipse project: http://www.megaupload.com/?d=HPWLR3FX
Uses the geronimo-admin realm, the path to the wsdl is
http://<geronimo-server>/TestService?wsdl
Errors:
2010-09-13 14:15:34,258 ERROR [EjbModuleBuilder]
AxisModuleBuilderExtension.initContext() failed: Duplicate contextID
registered!
com.mycompamy/SecureService/1.0/car?EJBModule=com.mycompamy/SecureService/1.0/car,J2EEApplication=null,j2eeType=StatelessSessionBean,name=TestService
2010-09-13 14:15:36,520 ERROR [WsdlGeneratorUtils] Process failed: wsgen can
not generate WSDL for SOAP 1.2 binding:
http://www.w3.org/2003/05/soap/bindings/HTTP/ on class:
com.mycompany.TestServiceBean.
2010-09-13 14:15:36,530 ERROR [EjbModuleBuilder]
JAXWSEJBModuleBuilderExtension.addGBeans() failed: WSDL generation failed
--
View this message in context: http://apache-geronimo.328035.n3.nabble.com/Secure-WebService-with-BASIC-Authentication-tp1354513p1467642.html
Sent from the Users mailing list archive at Nabble.com.
Re: Secure WebService with BASIC Authentication
Posted by Ivan <xh...@gmail.com>.
which version and assembly do you use ? Geronimo 2.2 Tomcat ?
2010/9/11 Faw <fa...@gmail.com>
>
>
> Vamsavardhana Reddy-2 wrote:
> >
> > What happens if you put the @RolesAllowed("admin") annotation on the
> > methods
> > instead of the bean class?
> >
> > --
> > Vamsi
> >
>
> No difference, still asks for uid/pwd when requesting wsdl file.
>
> --
> View this message in context:
> http://apache-geronimo.328035.n3.nabble.com/Secure-WebService-with-BASIC-Authentication-tp1354513p1453868.html
> Sent from the Users mailing list archive at Nabble.com.
>
--
Ivan
Re: Secure WebService with BASIC Authentication
Posted by Faw <fa...@gmail.com>.
Vamsavardhana Reddy-2 wrote:
>
> What happens if you put the @RolesAllowed("admin") annotation on the
> methods
> instead of the bean class?
>
> --
> Vamsi
>
No difference, still asks for uid/pwd when requesting wsdl file.
--
View this message in context: http://apache-geronimo.328035.n3.nabble.com/Secure-WebService-with-BASIC-Authentication-tp1354513p1453868.html
Sent from the Users mailing list archive at Nabble.com.
Re: Secure WebService with BASIC Authentication
Posted by Vamsavardhana Reddy <c1...@gmail.com>.
What happens if you put the @RolesAllowed("admin") annotation on the methods
instead of the bean class?
On Fri, Sep 10, 2010 at 7:38 PM, Faw <fa...@gmail.com> wrote:
>
>
> Ivan Xu wrote:
> >
> > There is a test case for ejb security web service sample, please refer to
> >
> https://svn.apache.org/repos/asf/geronimo/server/branches/2.2/testsuite/webservices-testsuite/jaxws-tests/jaxws-ejb-sec
> >
> > Ivan
> >
>
> I was able to create a secure webservice using the sample. Thanks for the
> help. The only problem I have now is that it is securing every method, the
> "http-method" items aren't working. I wanted the WSDL visible (GET) while
> keeping the actual requests (POST) secured. Is not really that big of a
> deal, just an annoyance. This is my config:
>
> <ejb:web-service-security>
> <ejb:security-realm-name>geronimo-admin</ejb:security-realm-name>
> <ejb:transport-guarantee>NONE</ejb:transport-guarantee>
> <ejb:auth-method>BASIC</ejb:auth-method>
> <ejb:http-method>POST</ejb:http-method>
> <ejb:http-method>PUT</ejb:http-method>
> </ejb:web-service-security>
> --
> View this message in context:
> http://apache-geronimo.328035.n3.nabble.com/Secure-WebService-with-BASIC-Authentication-tp1354513p1452593.html
> Sent from the Users mailing list archive at Nabble.com.
>
--
Vamsi