Return-Path: 
 <user-return-15039-apmail-geronimo-user-archive=geronimo.apache.org@geronimo.apache.org>
Delivered-To: apmail-geronimo-user-archive@www.apache.org
Received: (qmail 57307 invoked from network); 26 Aug 2010 15:22:08 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 26 Aug 2010 15:22:08 -0000
Received: (qmail 33746 invoked by uid 500); 26 Aug 2010 15:22:08 -0000
Delivered-To: apmail-geronimo-user-archive@geronimo.apache.org
Received: (qmail 33717 invoked by uid 500); 26 Aug 2010 15:22:07 -0000
Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:user-help@geronimo.apache.org>
list-unsubscribe: <mailto:user-unsubscribe@geronimo.apache.org>
List-Post: <mailto:user@geronimo.apache.org>
Reply-To: user@geronimo.apache.org
List-Id: <user.geronimo.apache.org>
Delivered-To: mailing list user@geronimo.apache.org
Received: (qmail 33710 invoked by uid 99); 26 Aug 2010 15:22:07 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 26 Aug 2010 15:22:07 +0000
X-ASF-Spam-Status: No, hits=2.0 required=10.0
	tests=FREEMAIL_FROM,SPF_HELO_PASS,SPF_NEUTRAL,T_TO_NO_BRKTS_FREEMAIL,URI_HEX
X-Spam-Check-By: apache.org
Received-SPF: neutral (athena.apache.org: 216.139.236.158 is neither permitted
 nor denied by domain of fawzib.rojas@gmail.com)
Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 26 Aug 2010 15:22:02 +0000
Received: from ben.nabble.com ([192.168.236.152])
	by kuber.nabble.com with esmtp (Exim 4.63)
	(envelope-from <fawzib.rojas@gmail.com>)
	id 1OoeGr-0006lw-Mt
	for user@geronimo.apache.org; Thu, 26 Aug 2010 08:21:41 -0700
Date: Thu, 26 Aug 2010 08:21:41 -0700 (PDT)
From: Faw <fawzib.rojas@gmail.com>
To: user@geronimo.apache.org
Message-ID: <1282836101692-1354513.post@n3.nabble.com>
Subject: Secure WebService with BASIC Authentication
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit


I want to secure my SOAP webservice with basic authentication. I searched in
the knowledgebase and found this:

https://cwiki.apache.org/GMOxKB/how-do-i-enable-security-for-ejb-web-service.html

So I tried and added that to my configuration, this is part my
openejb-jar.xml

<ejb:enterprise-beans>
  <ejb:session>
    <ejb:ejb-name>loggers-rpc</ejb:ejb-name>
    <ejb:web-service-security>
      <ejb:security-realm-name>geronimo-admin</ejb:security-realm-name>
      <ejb:transport-guarantee>NONE</ejb:transport-guarantee>
      <ejb:auth-method>BASIC</ejb:auth-method>
      <ejb:http-method>POST</ejb:http-method>
      <ejb:http-method>PUT</ejb:http-method>
    </ejb:web-service-security>
  </ejb:session>
</ejb:enterprise-beans>

It gave me an error "Ejb app has method permissions but no security
configuration supplied in geronimo plan", so after searching around for a
while i found an answer (this should be mentioned and explained in that same
wiki page), so i added the following to openejb-jar.xml:

<sec:security>
  <sec:role-mappings>
    <sec:role role-name="admin">
      <sec:principal name="admin"
class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"/>
    </sec:role>
  </sec:role-mappings>
</sec:security>

and added the following to my service:

@Stateless
@RolesAllowed("admin")
public class RegisterBean extends BaseService implements Register {
....
}

The service deploys well, when I try to call it (using the soapui generic
client) it with no user/password it fails (as it should), but when I use
username/password it also fails. I don't know what Im missing. Can anyone
give me any ideas?
-- 
View this message in context: http://apache-geronimo.328035.n3.nabble.com/Secure-WebService-with-BASIC-Authentication-tp1354513p1354513.html
Sent from the Users mailing list archive at Nabble.com.