I have a EJB web service endpoint, which I need to secure so that only registered application can call it. I use username authentication with symmetric key, and I want to authenticate the user against a jdbcRealm rather than the default fileRealm. But I cannot get it to work -[b] it always seems to authenticate against the default fileRealm no matter what[/b]. Here is what I've done.
1. In NB, select Username Authentication wirh Symmetric key for the web service.
2. Add a new JDBC realm using the GF admin console:
name: [b]myJdbcRealm[/b]
class name: [b]com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm[/b]
JAAS context: [b]jdbcRealm[/b]
JNDI: [b]jdbc/MyDataSource[/b]
User Table: [b]CLIENT[/b]
User name column: [b]CLIENT_NAME[/b]
Password column: [b]PASSWORD[/b]
Group Table: [b]CLIENT_GROUP[/b]
Group Name Column: [b] GROUP_NAME[/b]
Database User: [b]database_user[/b]
Database Password: [b]database_pswd[/b]
Digest Algorithm: [b]MD5[/b]
3. Modofy sun-application.xml to use jdbcRealm:
<sun-application>
<security-role-mapping>
<role-name>user</role-name>
<group-name>Client</group-name>
</security-role-mapping>
<realm>[b]myJdbcRealm[/b]</realm>
</sun-application>
4. Modify sun-ejb-jar.xml to use jdbcRealm:
<enterprise-beans>
<ejb>
<ejb-name>SomeEJBName</ejb-name>
<ior-security-config>
<as-context>
<auth-method>[b]USERNAME_PASSWORD[/b]</auth-method>
<realm>[b]myJdbcRealm[/b]</realm>
<required>true</required>
</as-context>
</ior-security-config>
</ejb>
</enterprise-beans>
With this setting, the authentication is always done against the default file realm instead of myJdbcRealm. What have I missed here? Thanks a lot for your help.
[Message sent by forum member 'jinsongyang' (jinsongyang)]
http://forums.java.net/jive/thread.jspa?messageID=304756