users@glassfish.java.net

Re: UserPrinciple is null when utilizing Username Authentication with Symme

From: <glassfish_at_javadesktop.org>
Date: Fri, 09 Nov 2007 08:16:22 PST

Marco,

I just attempted to duplicate your test setup. I may not have done so, so I'll recap what I did.

I created a Web module that implements a web service endpoint. Within the service endpoint, I injected the WebServiceContext as shown below.

Then I configured the security properties of the endpoint url in web.xml.

I defined the auth-method to be basic, and I defined an auth-constraint on the endpoint url, permitting members of the "user" role.

 I did not define a principal-2-Role mapping. Instead I activated the default-principal-2-role mapping, which maps same named groups to same named roles (which is described in http://docs.sun.com/app/docs/doc/819-3672/beacr?l=ru&a=view)

I created a test user in the default realm, and assigned that user to the "user" group.

I created a corresponding web service client and invoked it with the appropriate values for the --user and --password options. As you can see from the endpoint impl, the return value from the endpoint, is the value it obtains by calling getUserPrincipal on the WebServiceContext. In my test, the endpoint returned the principal as expected.

a possible explanation for why you are seeing a different result, is that the client does not authenticate to the endpoint, unless it is required to do so as a result of the endpoint url being protected by an auth-constraint. If the url is not protected, the client will not pro-actively authenticate to the endpoint.

I also used this test to confirm that I could assign a different user repository/realm to the endpoint. I'll describe how I did that on your other post.

Ron

/*
 * PingWebService.java
 *
 * Created on November 8, 2007, 7:33 PM
 *
 * To change this template, choose Tools | Template Manager
 * and open the template in the editor.
 */

package test;

import javax.annotation.Resource;
import javax.jws.WebService;
import javax.xml.ws.WebServiceContext;

/**
 *
 * @author monzillo
 */
@WebService()
public class PingWebService {
    
    @Resource
    private WebServiceContext ctx;
    
    public String Ping(String ping) {
        return "Principal: " + ctx.getUserPrincipal() + " echo: " + ping;
    }
    
}
[Message sent by forum member 'monzillo' (monzillo)]

http://forums.java.net/jive/thread.jspa?messageID=244775