axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bobba, Ramesh" <ramesh.bo...@insignia.com>
Subject RE: EJB Authentication
Date Thu, 04 Mar 2004 19:01:44 GMT
Hi,
 
I got this working (kinda) in the sense that the server works fine. It
executes the ejb methods and returns a soap message (according to what I see
in the logs), but on the client side I get an AxisFault saying: Dose anyone
know why? I have all the generated client side classes in the class path! I
am also attaching the client code.
 
Thanks,
 
Ramesh.
 
org.xml.sax.SAXException: Deserializing parameter 'findDeviceReturn':  could
not find deserializer for type
{http://values.oampAdapter.insignia.com}FindDeviceResponse
        at
org.apache.axis.message.RPCHandler.onStartChild(RPCHandler.java:302)
        at
org.apache.axis.encoding.DeserializationContextImpl.startElement(Deserializa
tionContextImpl.java:963)
        at
org.apache.axis.message.SAX2EventRecorder.replay(SAX2EventRecorder.java:198)
        at
org.apache.axis.message.MessageElement.publishToHandler(MessageElement.java:
722)
        at
org.apache.axis.message.RPCElement.deserialize(RPCElement.java:233)
        at org.apache.axis.message.RPCElement.getParams(RPCElement.java:347)
        at org.apache.axis.client.Call.invoke(Call.java:2272)
        at org.apache.axis.client.Call.invoke(Call.java:2171)
        at org.apache.axis.client.Call.invoke(Call.java:1691)
        at GetInfo.main(GetInfo.java:147)
AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
 faultSubcode: 
 faultString: org.xml.sax.SAXException: Deserializing parameter
&apos;findDeviceReturn&apos;:  could not find deserializer for type
{http://values.oampAdapter.insignia.com}FindDeviceResponse
 faultActor: 
 faultNode: 
 faultDetail: 
        {http://xml.apache.org/axis/}stackTrace: org.xml.sax.SAXException:
Deserializing parameter 'findDeviceReturn':  could not find deserializer for
type {http://values.oampAdapter.insignia.com}FindDeviceResponse
        at
org.apache.axis.message.RPCHandler.onStartChild(RPCHandler.java:302)
        at
org.apache.axis.encoding.DeserializationContextImpl.startElement(Deserializa
tionContextImpl.java:963)
        at
org.apache.axis.message.SAX2EventRecorder.replay(SAX2EventRecorder.java:198)
        at
org.apache.axis.message.MessageElement.publishToHandler(MessageElement.java:
722)
        at
org.apache.axis.message.RPCElement.deserialize(RPCElement.java:233)
        at org.apache.axis.message.RPCElement.getParams(RPCElement.java:347)
        at org.apache.axis.client.Call.invoke(Call.java:2272)
        at org.apache.axis.client.Call.invoke(Call.java:2171)
        at org.apache.axis.client.Call.invoke(Call.java:1691)
        at GetInfo.main(GetInfo.java:147)


-----Original Message-----
From: Keith Hatton [mailto:khatton@axiomsystems.com]
Sent: Thursday, March 04, 2004 10:14 AM
To: axis-user@ws.apache.org
Subject: RE: EJB Authentication


Hi Ramesh,
 
I think you may need to add a <security-constraint> section to the web.xml.
The Weblogic console is quite good for playing about with things like this
(unfortunately I'm away from the office at the moment). I also find Sun's
DTD for web.xml a good reference for things like this.
 
Basically, think of the Axis URLs as requiring username/password
authentication just as if they were standard HTML or JSP pages and secure
them using the deployment descriptor. Then the EJB access should work just
as you expected.
 
Hope this helps
Keith
 

-----Original Message----- 
From: Bobba, Ramesh [mailto:ramesh.bobba@insignia.com] 
Sent: Thu 04/03/2004 16:59 
To: 'axis-user@ws.apache.org' 
Cc: 
Subject: RE: EJB Authentication


Hi Keith,
 
I am using Weblogic right now (we also plan to support websphere). I am a
bit confused about what you mean by - replicating EJB security constraints
on the Axis servlet. Are you talking about adding the
<security-role><role-name>somerole</role-name></security-role> elements?
 
Thanks,
 
Ramesh.

-----Original Message-----
From: Keith Hatton [mailto:khatton@axiomsystems.com]
Sent: Thursday, March 04, 2004 1:31 AM
To: axis-user@ws.apache.org
Subject: RE: EJB Authentication


Hi Ramesh,
 
What app server are you using now?
 
I've had authentication working using Axis on Weblogic and JBoss in the
past, though I do remember it was more complicated than I expected. The
call.setUsername() and call.setPassword() approach looks fine from what I
remember, but maybe that information is not being passed on to the EJB
container.
 
I seem to remember that what worked best was replicating the EJB security
constraints on the Axis servlet - i.e. adding them to web.xml. That way,
when the Axis EJB provider asks for an InitialContext to do its lookup, it
automatically presents the right username/password settings to the EJB
container.
 
Hope this helps
Keith
 

-----Original Message----- 
From: Bobba, Ramesh [mailto:ramesh.bobba@insignia.com] 
Sent: Thu 04/03/2004 00:49 
To: Axis-User (E-mail) 
Cc: 
Subject: EJB Authentication



Hi,

I get an java.rmi.AccessException exception because the EJBs that the
WebService implementation class is trying to use are username/password
protected. We were using weblogic and with that, the client was able to
authenticate by making call:

call.setProperty("javax.xml.rpc.security.auth.username", "username");
call.setProperty("javax.xml.rpc.security.auth.password", "password");

I tried using both the
call.setProperty(Call.USERNAME_PROPERTY,
"username")/call.setProperty(Call.PASSWORD_PROPERTY, "password)
and also
call.setUsername("username")/call.setPassword("password")
but both don't seem to work as I still keep getting the AccessException:
Security Violation User '<anonymous>' has insufficient permission to access
EJB

Does anyone know how to get around this problem?

Thanks,

Ramesh.



Mime
View raw message