axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Suzy Fynes" <suzanne.fy...@sentenial.ie>
Subject RE: basic authenication
Date Wed, 23 Feb 2005 16:03:21 GMT
Just one more question, is it the web.xml of tomcat or axis that is to
be modified? 

-----Original Message-----
From: Suzy Fynes [mailto:suzanne.fynes@sentenial.ie] 
Sent: 23 February 2005 13:57
To: axis-user@ws.apache.org
Subject: RE: basic authenication

Cheers thanks!

-----Original Message-----
From: Patrick van Kann [mailto:patrick.vankann@fortune-cookie.com] 
Sent: 23 February 2005 13:51
To: axis-user@ws.apache.org
Subject: RE: basic authenication

Hi Sue,

Here is how to set up a JDBC realm for TC 5.5. Similar instructions
exist for earlier Tomcats.

http://jakarta.apache.org/tomcat/tomcat-5.5-doc/realm-howto.html#JDBCRea
lm

Note that this requires changes to server.xml, not web.xml. 


All you have to do to web.xml is this:

       <security-constraint>
	   <web-resource-collection>
	      <web-resource-name>Protected</web-resource-name>
	      <!-- specify the directory for restricted Web Services
application -->
	      <url-pattern>/*</url-pattern>
	   </web-resource-collection>
	   <auth-constraint>
	      <!-- specify the role name of the new user added in step 2
-->
	      <role-name>wsuser</role-name>
	   </auth-constraint>
	</security-constraint>
	
	<!-- Define the Login Configuration for this Application -->
	<login-config>
	   <auth-method>BASIC</auth-method>
	   <realm-name>Protected Web Services</realm-name>
	</login-config>
	
	<security-role>
    	<description>
    	 	Web Service
		</description>
    	<role-name>wsuser</role-name>
	</security-role>

Hope it helps.

Cheers,

Patrick

PS: Here is a Realm I configured in TC 4 with a SQL server database for
authentication:

<Realm 
			
			className="org.apache.catalina.realm.JDBCRealm" 
			
			debug="99"
    		
			driverName="com.inet.tds.TdsDriver"
    
			connectionURL="jdbc:inetdae:localhost"
			
			databaseName="cookiesecurity"
    		
			connectionName="cookiesecurity" 
			
			connectionPassword="c00k13s3cur1ty"
			
			userTable="Users" 
			
			userNameCol="username" 
			
			userCredCol="password"
    
			userRoleTable="GroupMembers" 
			
			roleNameCol="groupname" />	


-----Original Message-----
From: Suzy Fynes [mailto:suzanne.fynes@sentenial.ie]
Sent: Wed 23/02/2005 13:41
To: axis-user@ws.apache.org
Subject: RE: basic authenication
 
Thanks a million for that!

I'm using Tomcat as the app server, do you have any ideas how to do the
configuration in the web.xml to use a mysql database?

Thanks
Sue

-----Original Message-----
From: Patrick van Kann [mailto:patrick.vankann@fortune-cookie.com] 
Sent: 23 February 2005 12:49
To: axis-user@ws.apache.org
Subject: RE: basic authenication

Hi Suzy,

This is possible and shouldn't require any code change to your client if
you are already using Basic auth.

I have modified the StockQuote sample to use Basic authentication and
SSL and included the sample code at the end. You can ignore the SSL
stuff if you aren't using that.

You also need to set up your web.xml to secure the web service with
Basic authentication. You then need to configure your app server to use
a database realm.

I'm not sure what app server you are using so may not be able to help. I
got this running using JBoss 3.2.5 so I can help you more if that's what
you are using.

Hope this helps,

Patrick

package com.ibm.w3.services.stockquote;

public class StockQuoteClient
{
	public static void main(String args[]) {
		try 
		{ 
			//set the certificate store
                        //just comment this out if you don't want to use
SSL
			System.setProperty("javax.net.ssl.trustStore", 
 
"C:\\jboss-3.2.5\\server\\default\\conf\\ws-castor-test.keystore" );
	
			
			StockQuoteService service = new
StockQuoteServiceLocator();
			
			String endpoint =
"https://localhost:8443/axis/services/StockQuoteSOAPPort";
			StockQuotePortType port =
service.getStockQuoteSOAPPort( new java.net.URL( endpoint ) );
			
			org.apache.axis.client.Stub stub = (
org.apache.axis.client.Stub )port;
			
			//get the underlying Stub so that we can
authorise
			stub.setUsername( "test" );
			
			stub.setPassword( "test" );

     		Quote quote = port.getStockQuote("IBM");

			System.out.println( "Quote: " + quote);
			
     		System.out.println( "Volume" + quote.getVolume());
			
		} 
		catch (Exception e) 
		{
			System.out.println("Exception caught " + e);
			e.printStackTrace();
		}
	}
}




-----Original Message-----
From: Suzy Fynes [mailto:suzanne.fynes@sentenial.ie]
Sent: Wed 23/02/2005 12:40
To: axis-user@ws.apache.org
Subject: basic authenication
 
 
Hey,
 
I'm looking to use basic authentication with axis through a mysql
database as opposed to the user.lst and perm.lst, can anyone give me
some pointers on doing this and does using a database change the client
code? With a java client the username and password comes in as
parameters of the main method.
 
Thanks
Suzy










Mime
View raw message