Hi,
If you want security for an EJB WebService you should seriously
consider using Sun Application Server 8.2 or Sun Application Server 9.0.
Here are some documents that you can use understand how to secure an
EJB Webservice. You client can still be a JWSDP 1.6 client and your
server can be hosted on Application Server 8.2.
There are jwsdp facilities for securing wenb services messages, and the
methods for configuring that functionality differs from the methods
provided in sun the appserver to configure message layer security. Both
mechanisms are implemented by common code; and the focus of the
appserver has been to ensure that these mechanisms can be bound to
existing apps without changing the application. Please look at the
below link.
http://docs.sun.com/source/819-0076/ws-security.html
These instrcutions should be sufficient to guide you through this
process; assuming you are using the appserver configuration mechanisms.
It sounds like you may be trying to configure a stand-alone client of an
appserver hosted webservice; if this is the case, I think you will need
to use the jwsdp config mechanisms on the client; but you should be able
to use the appserver mechansims at the EJB endpoint.
Thanks...
kdduncan (sent by Nabble.com) wrote:
> I have a webservice that needs to use WSSecurity. When I specify the
> 'security' option for WSCompile, stubs and ties for the webservice use
> the com.sun.xml.rpc.security.SecurityPluginUtil class to process the
> security configuration file I gave WSCompile.
>
> My problem is that the server side of my webservice is deployed as an
> EJB and my WSCompile-generated tie class is never used! Messages sent
> to the webservice are directed to my EJB based on my ejb-jar.xml and
> webservices.xml files, and the Tie class is never invoked (so my
> security requirements are not processed).
>
> Does anyone know how to deploy an EJB webservice in such a way that
> the Tie class is used to call the service endpoint EJB?
>
> The JWSDP 1.6 has a security example but it deploys its service
> endpoints as servlets in a WAR file using WSDeploy. I'm following the
> example as closely as possible but I've got to deploy my endpoint as
> an EJB in an ejb-jar file, so WSDeploy is not appropriate.
>
> I'm using J2SDK 1.4.2 with JWSDP 1.6 libraries and deploying on JBoss
> 4.0.2. I use XDoclet to generate my ejb-jar.xml file and my
> webservices.xml file is written by hand.
> The webservice used to run without any security, and I generated all
> the classes I needed by using the 'import="true"' WSCompile option,
> which generates request/response structs but not stubs and ties. Now I
> use 'server="true"' and a second call with "client="true"' to get the
> stubs and ties, and my client side successfully uses the stub (and
> security plugin) to make the WS call.
> ------------------------------------------------------------------------
> View this message in context: Use WSCompile to generate server Tie,
> and Tie is never used!
> <http://www.nabble.com/Use-WSCompile-to-generate-server-Tie%2C-and-Tie-is-never-used%21-t945857.html#a2450410>
> Sent from the JAX-RPC - User
> <http://www.nabble.com/JAX-RPC---User-f2630.html> forum at Nabble.com.