Hello!
I have set up a jdbc realm and want to secure a web service, but for some reason the users cannot log in. Here are the steps I have done:
1. Created the jdbc realm in the fallowing way:
Users table: (users) id serial NOT NULL, name varchar(50), birthdate date, username varchar(50), "password" varchar(50),
Group table: (roles) id serial NOT NULL, rolename varchar(50), username varchar(50) with username foregin key to users.username. (forgive the confusion I made by naming the group table "roles")
In the jdbc realm configuration: User table: users; User name column: username; Password column: password; Group table: roles, Group Name Column: rolename, JNDI: jdbc/huddi (I have previosuly set up a JDBC resource with this name), JAAS Context: jdbcRealm (what is this for?), Digest Algorithm: SHA , Name: uddirealm
2. In sun-ejb-jar, mapped rolename "superuser" to groupname ("superuser"), <login-config><realm>uddirealm</realm></login-config> for the web service endpoint.
3. Set the @RolesAllowed({"superuser"}) for the method i am calling from the client.
4. When I save a user, I use the fallowing procedure to make a SHA from the password :
http://blogs.sun.com/swchan/resource/CreateJDBCRealmUser.java
(not: I have changed the MD5 to SHA from the example above)
5. Configured security of the web service with NetBeans and of the client in the same way, and I do the fallowing to set the username and password:
tester.UserPersonalSettingsService service = new tester.UserPersonalSettingsService();
tester.UserPersonalSettings _port = service.getUserPersonalSettingsPort();
((BindingProvider)_port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "c1n3v@");
((BindingProvider)_port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "c1n3v@");
6. I get the WSS1408: UsernameToken Authentication Failed
Thanks for reading. Sorry if the code is not readable, I see this forum has no code formatter.
[Message sent by forum member 'powerhouse_b' (powerhouse_b)]
http://forums.java.net/jive/thread.jspa?messageID=265161