users@glassfish.java.net

Re: Questions about custom ServerAuthModule on httpServlet layer (JSR196)

From: <glassfish_at_javadesktop.org>
Date: Tue, 13 May 2008 15:21:05 PDT

> 1) What if I want to register the same SAM in an EJB module or an EAR app to protect WebServices deployed as EJBs ?

you should be able to do that, since the ejb web service endpoints are fronted by the glassfish servlet container. you need to register your sam for the HttpServlet layer and for the appcontextid corresponding to the context path under which your web service endpoint is deployed. I'm not exactly sure how to determine the context path for such an endpoint.
i'll presume you can figure that out. if not, let me know, and I'll try to provide you with a way to do so.
>
> 2) What if now I want to avoid putting the SAM in the GF installation directory but inside my EAR and register it programmaticaly ? From what I've read I'll have to use AuthConfigProvider and AuthConfigFactory, but I don't know how.
>
The simplest thing to do would be to bind the provider to your ear, by including a sun-web.xml file in your ear, and setting the http-servlet-rpovider attribute in the config file.

the native GFAuthConfigProvider does not offer a way to register it with options that will cause it configure a specific provider for the registration context. it looks at the sun-web.xml and domain.xml to figure out what to do.

to do programmatic registration, you will need to develop an implementation of AuthConfigProvider that you can initialize such that it knows to configure your sam.

I am working on a sample to demonstrate how to do this, but I's not in a form that I can share at this time. The general idea, is that you would implement an AuthConfigProvider whose constructor takes the name of the SAM impl class.

depending on whether the ACP is constructed with a null on non-null factory argument, it will either self-register itself with the factory (non-null factory) or be dependent on some other entity calling register on the factory. In the former case, the options map would also contain the layer and appcontext ids for which the provider is to self-register. Such a provider is not trivial to implement, but is not too difficult.

Ron
[Message sent by forum member 'monzillo' (monzillo)]

http://forums.java.net/jive/thread.jspa?messageID=274165