users@glassfish.java.net

custom realm with secure webservice not working

From: <glassfish_at_javadesktop.org>
Date: Thu, 05 Jun 2008 01:09:28 PDT

Hi all.

I am writing a secure web service using "Username Authentication With Symmetric Keys" security method. The authorization realm I want to use is a custom realm, which is working well with Form Based and BASIC authentication and is working even with ProgrammaticLogin. Everything is fine so far.

In other posts I read that I have to set the default realm to another specific realm in order to perform authentication against that realm.

But when I set the default realm to my custom realm (using [i]Security[/i] in admin GUI) it is apparently not used as seen in the logs:

JMAC: In PrivateKeyCallback Processor
JMAC: In PasswordValidationCallback Processor
jmac login user [testWS] into realm: [b]file[/b] using JAAS module: [b]fileRealm[/b]
Login module initialized: class com.sun.enterprise.security.auth.login.FileLoginModule

How do I use a custom realm for UsernameToken authentication? I am deploying a WAR module
developed with NB 6.1 on GF V2ur2 running on JDK6.

Alexander.
[Message sent by forum member 'sahlix' (sahlix)]

http://forums.java.net/jive/thread.jspa?messageID=278487