users@glassfish.java.net

Re: jax-rpc with basic authentication over https is ignored

From: Ryan de Laplante <ryan_at_ijws.com>
Date: Thu, 16 Apr 2009 09:08:11 -0400

I do it the same way and it works for me, but I'm on GlassFish V2 UR2
not 2.1.

Maybe check the deployment descriptor on the service endpoint. Being
able to GET a WSDL with a web browser isn't the same as being able to
execute web service methods. My servlet service endpoint's web.xml has:

<security-constraint>
        <display-name>SSL Constraint</display-name>
        <web-resource-collection>
            <web-resource-name>WSServlet_MyService</web-resource-name>
            <url-pattern>/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>PUT</http-method>
            <http-method>HEAD</http-method>
            <http-method>POST</http-method>
            <http-method>OPTIONS</http-method>
            <http-method>TRACE</http-method>
            <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>MYAPPS</role-name>
        </auth-constraint>
        <user-data-constraint>
            <description/>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>myRealm</realm-name>
    </login-config>
    <security-role>
        <description>My Applications</description>
        <role-name>MYAPPS</role-name>
    </security-role>

Then in sun-web.xml I have:

<context-root>/FolioService</context-root>
  <security-role-mapping>
    <role-name>MYAPPS</role-name>
    <group-name>MYAPPS</group-name>
  </security-role-mapping>

Plus I set up a file realm in the web admin console called myRealm and
created users in it that have the MYAPPS group.



glassfish_at_javadesktop.org wrote:
> I need to a call a JAX-RPC web service, which has basic authentication and is only available over https.
> I set the endpoint and username/password;
>
> AXLPort axlPort = axlAPIService.getAXLPort();
> ((Stub)axlPort)._setProperty(Stub.ENDPOINT_ADDRESS_PROPERTY, "https://10.1.1.2:8443/axl");
> ((Stub)axlPort)._setProperty(Stub.USERNAME_PROPERTY, "username");
> ((Stub)axlPort)._setProperty(Stub.PASSWORD_PROPERTY, "password");
>
> The endpoint property works, and I have had to add the SSL certificate, so I know that is working OK.
> However I get back Unauthorized, and when I use a web browser to the same address and enter the
> username and password I get to the webservice. Is there anything special for using basic
> authentication with HTTPS and JAX-RPC? This was created with NetBean 6.5 and the JAX-RPC plugin
> and is with Glassfish V2.1 (the Sun SDK bundle)
>
>
> Cheers
> S.
> [Message sent by forum member 'scotth1' (scotth1)]
>
> http://forums.java.net/jive/thread.jspa?messageID=342360
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>
>
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.