users@glassfish.java.net

Concerns over SSL security constraints, @RolesAllowed, CallbackHandlers. :-/

From: <glassfish_at_javadesktop.org>
Date: Tue, 19 May 2009 12:22:55 PDT

I have some questions regarding the above with GF 2.1. I'll try to keep it concise. Setting up a web service and client. The WS has @RolesDeclared, and @RolesAllowed set for a group, Users. The WS is set with Message Authentication over SSL, with the appropriate security constraint for User Data (CONFIDENTIAL) and the User Authentication Constraint enabled for the group Users. Using Basic Authentication to a custom realm, I am to pass in log info and authorize as needed.

As I was building, I set up callback handlers to handle getting the user's login info. During development, the way this login info got to the server changed and I'm not sure why, or if it's normal. At first only the callback handlers were called. Everything seemed to work fine. Switched servers and now needed to add binding the login info to the web service port, before the call to the web service method was authorized. (Can I assume that the SSL was not set up correctly before, since it was not needed to connect?) And now the callback handlers are not called.

Everything functions correctly but I am concerned some settings are not correct. On normal and fine log settings I only see the JAAS login passing. So if anyone can clarify and point me to a link that clears this up, it would be greatly appreciated. TIA
[Message sent by forum member 'javajoe83' (javajoe83)]

http://forums.java.net/jive/thread.jspa?messageID=346861