users@glassfish.java.net

Re: EJB web service security question

From: Kumar Jayanti <Vbkumar.Jayanti_at_Sun.COM>
Date: Wed, 03 Feb 2010 12:59:45 +0530

Jitendra Kotamraju wrote:
> glassfish_at_javadesktop.org wrote:
>> Hello all,
>> I have an EJB 3.1 web service deployed in glassfish 3. I am trying to
>> apply security to this service.
>>
>> These are the steps I took so far:
>> - added @DeclareRoles and @RolesAllowed annotations to my web service
>>
>> -------------------
>> @Stateless
>> @WebService(endpointInterface="TestService")
>> @Local(TestService.class)
>> @DeclareRoles({"test"})
>> @RolesAllowed("test")
>> public class TestServiceImpl implements TestService{
>> -------------------
>>
>> - added the user "test" in Glassfish security under the file realm
You also need to make sure that the user "test" belongs to a group
"test". Only then will the DefaultPrincipalToRoleMapping work. I am
assuming you are missing this step.

regards,
kumar

>> - enabled SecurityManager and DefaultPrincipalToRoleMapping in glassfish
>> - added the following in sun-ejb-jar.xml
>> ----------------------
>> <enterprise-beans>
>> <ejb>
>> <ejb-name>TestServiceImpl</ejb-name>
>> <webservice-endpoint>
>> <port-component-name>TestServiceImpl</port-component-name>
>> <login-config>
>> <auth-method>BASIC</auth-method>
>> <realm>default</realm>
>> </login-config>
>> </webservice-endpoint>
>> </ejb></enterprise-beans>
>> ------------------
>>
>>
>> When accessing the web service methods, either through the webservice
>> tester or through another application (I am using SoapUI), I receive
>> a SOAP error message instead of an "expected" login form.
>>
>> <faultcode>S:Server</faultcode>
>> <faultstring>java.lang.Exception: Client not authorized for
>> invocation of public java.util.List
>> test.TestServiceImpl.getAllBrands()</faultstring>
>> ...
>>
> Maybe the server is not returning the correct HTTP status code.
> What's the HTTP status code?
> Also, if the correct Basic auth header is sent, is the EJB method
> invoked?
>
> Jitu
>>
>> Can anybody help me understand why this happens, and what I can do
>> about it?
>>
>>
>> Thanks in advance.
>> [Message sent by forum member 'stefancatalin'
>> (catalin.stefan_at_yahoo.com)]
>>
>> http://forums.java.net/jive/thread.jspa?messageID=384224
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
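Added example, not part of the original thread: the default principal-to-role mapping discussed above only grants the role "test" to callers in a group named "test", so an alternative is to declare the mapping explicitly in sun-ejb-jar.xml. The `<enterprise-beans>` section is copied unchanged from the original post; the `<security-role-mapping>` element is the addition, and mapping the user principal "test" directly is shown as an assumption about what the poster wants.

```xml
<sun-ejb-jar>
  <!-- Explicit role mapping: takes the place of relying on
       DefaultPrincipalToRoleMapping for the role "test". -->
  <security-role-mapping>
    <role-name>test</role-name>
    <!-- Any authenticated member of the realm group "test" gets the role. -->
    <group-name>test</group-name>
    <!-- Assumption: also grant the role to the individual user "test",
         even if that user was created without any group membership. -->
    <principal-name>test</principal-name>
  </security-role-mapping>

  <!-- Unchanged from the original post. -->
  <enterprise-beans>
    <ejb>
      <ejb-name>TestServiceImpl</ejb-name>
      <webservice-endpoint>
        <port-component-name>TestServiceImpl</port-component-name>
        <login-config>
          <auth-method>BASIC</auth-method>
          <realm>default</realm>
        </login-config>
      </webservice-endpoint>
    </ejb>
  </enterprise-beans>
</sun-ejb-jar>
```

With either approach, the role name in `@RolesAllowed("test")` has to match `<role-name>` exactly, and the group or principal name has to match what the realm returns for the authenticated caller.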