Hi All,
I have a working web service (which is a stateless bean) and stand alone
client, that I wish to now add security to. Through some reading it
seems the most straight forward way to add security to this service will
be to use ssl. My web service bean is in a jar file that is packaged
inside an ear file.
Inside my jar file META-INF\sun-ejb-jar.xml file I have added the
following line to my webservice-endpoint entry
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
The problem comes that when I deploy the ear file, glassfish seems to
generate a different sun-ejb-jar.xml file. Meaning, after I deploy the
ear file if (using the web admin console) I go and view the
sun-ejb-jar.xml file for this web service, it is completely different
than the one that is in the ear file, and does not have the
transport-guarantee line.
Any help would be appreciated on this issue, or suggestions of better
ways of securing my web service.
Thanks again,
Josh