> but never could seem to get it quite right, so I set
> the Default Provider for the SOAP Authentication
> Layer to be my guy just to get things working.
>
ok
> Now I get: SEC5052: null Subject used in
> SecurityContext construction
do you see this in the server.log? can you provide exactly the msg you are
seeing? maybe the callback handler or the ws runtime is logging this to indicate that you did not invoke the CallerPrincipalCallback, but I don't recognize the msg.
>
> Any idea what's up with that?
>
> As far as the client side goes, how do I go about
> writing / integrating a CAM? Is that the mechanism
> for passing username/password credentials?
a cam is like a sam, except it is configured in the client, and implements secureRequest and validateResponse. you configure a client side default soap module, in a similar fashion to the way you defined your default soap layer sam, except when the client runs outside of the appserver process, you configure the providers in in domains/domainx/config/sun-acc.xml
I am not exactly sure I know what you are trying to do, so maybe you don't need a CAM, or a SOAP SAM.
Are you trying to add and validate authenticators within the SOAP message (such as for ws-security), or do you want to do http layer authentication of web service invocations?
(btw, I will be offline starting tomorrow till monday)
Ron
[Message sent by forum member 'monzillo' (monzillo)]
http://forums.java.net/jive/thread.jspa?messageID=281405