geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Neerup <...@edbgruppen.dk>
Subject Basic Auth passwords in webservices
Date Wed, 31 Oct 2007 16:37:13 GMT

Hi...

I'm creating webservices withe JAX-WS and deploying them to a Geronimo2
server..
These webservices need a name and a password for calling som business logic.

Today i'm just making the 2 first parameters user and password, and this
works, but not a very pretty interface for at webservice, so I want to use
Basic Auth. 

I can configure this by creating a Custom LoginModule and Principals and use
them.. and this works. 
But I still need the password for my business logic.  

How do I get the password from the basic auth for my businesslogic in my
webservices ?
I tried using the @Resource with WebserviceContext but a call to
context.getUserPrincipel() just returnes a JAASTomcatPrincipal not my own
Custom Principal so no password :(

Is there any way I can deploy the Custom LoginModule jar within the war/ear?

Can anybody help me ?




Current config:

web.xml:
...
<security-constraint>
		<web-resource-collection>
			<web-resource-name>Protected</web-resource-name>
			<url-pattern>/*</url-pattern>
			 <http-method>GET</http-method>
			<http-method>POST</http-method>
		</web-resource-collection>
		<auth-constraint>
			<role-name>manager</role-name>
		</auth-constraint>
	</security-constraint>
	
	<login-config>
		<auth-method>BASIC</auth-method>
		<realm-name>thn</realm-name>
	</login-config>
...

Geronimo-web.xml:
...
	<security-realm-name>thn</security-realm-name>
    <security>
        <default-principal realm-name="thn">
            <principal class="dk.eg.login.MyPrincipal" name="nobody"/>
        </default-principal>
        <role-mappings>
            <role role-name="manager">
                <realm realm-name="thn">
                  <!--<principal class="dk.eg.login.MyPrincipal"
name="system" designated-run-as="true"/> -->
                  <principal class="dk.eg.login.MyGroupPrincipal"
name="manager" designated-run-as="true"/>
                </realm>
            </role>
        </role-mappings>
    </security>
...

Geronimo-application.xml:
  <dep:gbean name="ttt"
class="org.apache.geronimo.security.realm.GenericSecurityRealm"
xsi:type="dep:gbeanType"
xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <dep:attribute name="realmName">thn</dep:attribute>
        <dep:reference name="ServerInfo">
            <dep:name>ServerInfo</dep:name>
        </dep:reference>
        <dep:xml-reference name="LoginModuleConfiguration">
            <log:login-config
xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0">
                <log:login-module control-flag="REQUIRED"
wrap-principals="false">
                    <log:login-domain-name>thn</log:login-domain-name>
                   
<log:login-module-class>dk.eg.login.MyLoginModule</log:login-module-class>
                </log:login-module>
            </log:login-config>
        </dep:xml-reference>
    </dep:gbean>


-- 
View this message in context: http://www.nabble.com/Basic-Auth-passwords-in-webservices-tf4726213s134.html#a13513287
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.


Mime
View raw message