Here are the steps to configure file realm authentication for the
web-service.
1. In the GF-container, create a user (by providing a username and
password)
GF-HOME/bin/asadmin create-file-user testuser
2. In the web.xml of the application, the following security-constraint and
role-name have to be added to the <web-app> element
<security-constraint> <display-name>Constraint1</display-name>
<web-resource-collection> <web-resource-name>test</web-resource-name>
<description/> <url-pattern>/*</url-pattern> </web-resource-collection>
<auth-constraint> <description/> <role-name>tester</role-name>
</auth-constraint> </security-constraint> <security-role> <description/>
<role-name>tester</role-name> </security-role>
Please note that in the above snippet, the auth-constraint is applicable for
all URL patterns (/*) and for the role tester. You can modify these to more
specific URLs.
3. In sun-web.xml (or glassfish-web.xml), the following has to be added
inside the <sun-web-app> element:
<security-role-mapping> <role-name>tester</role-name>
<principal-name>testuser</principal-name> </security-role-mapping>
Please note that the above principal name matches with the file username
created in Step 1.
4. Build and deploy the webservice. On testing the webservice, there would be
prompt for the username and password. On providing the username testuser and
password created in Step 1, the user would be authenticated to access the
webservice.
The above simple configuration uses the default file realm and BASIC method.
Other login configuration schemes can be used by adding the following to
web.xml:
<login-config> <auth-method>BASIC</auth-method> <realm-name>file</realm-name>
</login-config>
Please check the Oracle GlassFish security guide [1]for more information.
HTH
Nithya
[1]
http://download.oracle.com/docs/cd/E18930_01/html/821-2435/ggnqj.html#scrolltoc
--
[Message sent by forum member 'nitkal']
View Post: http://forums.java.net/node/844478