Hi Sue,

You need to modify the Axis web.xml as you are securing the Axis servlet.
It's exactly the same approach as securing a browser based web-app.

As a first step, it might be easier to start by modifying the Axis web.xml to secure the Axis servlet before attempting to add the Realm definition to your server.xml. That way you can ensure that the basic auth is working with the default Tomcat realm before trying to figure out the JDBC realm. It's always easier to troubleshoot one variable at a time.

Good luck,
Patrick

-----Original Message-----
From: Suzy Fynes [mailto:[EMAIL PROTECTED]
Sent: 23 February 2005 16:03
To: [email protected]
Subject: RE: basic authenication

Just one more question, is it the web.xml of tomcat or axis that is to be modified?

-----Original Message-----
From: Suzy Fynes [mailto:[EMAIL PROTECTED]
Sent: 23 February 2005 13:57
To: [email protected]
Subject: RE: basic authenication

Cheers thanks!

-----Original Message-----
From: Patrick van Kann [mailto:[EMAIL PROTECTED]
Sent: 23 February 2005 13:51
To: [email protected]
Subject: RE: basic authenication

Hi Sue,

Here is how to set up a JDBC realm for TC 5.5. Similar instructions exist for earlier Tomcats.

http://jakarta.apache.org/tomcat/tomcat-5.5-doc/realm-howto.html#JDBCRealm

Note that this requires changes to server.xml, not web.xml. All you have to do to web.xml is this:

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Protected</web-resource-name>
    <!-- specify the directory for restricted Web Services application -->
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <!-- specify the role name of the new user added in step 2 -->
    <role-name>wsuser</role-name>
  </auth-constraint>
</security-constraint>

<!-- Define the Login Configuration for this Application -->
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Protected Web Services</realm-name>
</login-config>

<security-role>
  <description> Web Service </description>
  <role-name>wsuser</role-name>
</security-role>

Hope it helps.
Cheers,
Patrick

PS: Here is a Realm I configured in TC 4 with a SQL server database for authentication:

<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
       driverName="com.inet.tds.TdsDriver"
       connectionURL="jdbc:inetdae:localhost"
       databaseName="cookiesecurity"
       connectionName="cookiesecurity"
       connectionPassword="c00k13s3cur1ty"
       userTable="Users"
       userNameCol="username"
       userCredCol="password"
       userRoleTable="GroupMembers"
       roleNameCol="groupname" />

-----Original Message-----
From: Suzy Fynes [mailto:[EMAIL PROTECTED]
Sent: Wed 23/02/2005 13:41
To: [email protected]
Subject: RE: basic authenication

Thanks a million for that!

I'm using Tomcat as the app server, do you have any ideas how to do the configuration in the web.xml to use a mysql database?

Thanks
Sue

-----Original Message-----
From: Patrick van Kann [mailto:[EMAIL PROTECTED]
Sent: 23 February 2005 12:49
To: [email protected]
Subject: RE: basic authenication

Hi Suzy,

This is possible and shouldn't require any code change to your client if you are already using Basic auth. I have modified the StockQuote sample to use Basic authentication and SSL and included the sample code at the end. You can ignore the SSL stuff if you aren't using that.

You also need to set up your web.xml to secure the web service with Basic authentication.

You then need to configure your app server to use a database realm. I'm not sure what app server you are using so may not be able to help. I got this running using JBoss 3.2.5 so I can help you more if that's what you are using.
Hope this helps,
Patrick

package com.ibm.w3.services.stockquote;

public class StockQuoteClient {

    public static void main(String args[]) {
        try {
            //set the certificate store
            //just comment this out if you don't want to use SSL
            System.setProperty("javax.net.ssl.trustStore",
                "C:\\jboss-3.2.5\\server\\default\\conf\\ws-castor-test.keystore" );

            StockQuoteService service = new StockQuoteServiceLocator();
            String endpoint = "https://localhost:8443/axis/services/StockQuoteSOAPPort";
            StockQuotePortType port = service.getStockQuoteSOAPPort( new java.net.URL( endpoint ) );

            org.apache.axis.client.Stub stub = ( org.apache.axis.client.Stub )port; //get the underlying Stub so that we can authorise
            stub.setUsername( "test" );
            stub.setPassword( "test" );

            Quote quote = port.getStockQuote("IBM");
            System.out.println( "Quote: " + quote);
            System.out.println( "Volume" + quote.getVolume());
        } catch (Exception e) {
            System.out.println("Exception caught " + e);
            e.printStackTrace();
        }
    }
}

-----Original Message-----
From: Suzy Fynes [mailto:[EMAIL PROTECTED]
Sent: Wed 23/02/2005 12:40
To: [email protected]
Subject: basic authenication

Hey,

I'm looking to use basic authentication with axis through a mysql database as opposed to the user.lst and perm.lst, can anyone give me some pointers on doing this and does using a database change the client code? With a java client the username and password comes in as parameters of the main method.

Thanks
Suzy
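
Added example, not part of the original thread and not any poster's own configuration: the two pieces the thread describes (the web.xml constraint and the server.xml JDBC realm) adapted to the MySQL database asked about. The database name, account placeholders and table names are assumptions; the user-data-constraint and the digest attribute are additions that the snippets posted in the thread do not contain.

```xml
<!-- ===== The Axis webapp's WEB-INF/web.xml (fragment) ===== -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Protected</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>wsuser</role-name>
  </auth-constraint>
  <!-- Addition: Basic auth sends the password base64-encoded, not encrypted,
       so require HTTPS. Tomcat redirects plain-HTTP requests to the
       connector's redirectPort. -->
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Protected Web Services</realm-name>
</login-config>
<security-role>
  <role-name>wsuser</role-name>
</security-role>

<!-- ===== Tomcat conf/server.xml (fragment, inside <Engine> or <Host>) =====
     Assumed MySQL schema (table and database names are placeholders):
       CREATE TABLE users (
         username VARCHAR(32) NOT NULL PRIMARY KEY,
         password VARCHAR(64) NOT NULL);
       CREATE TABLE user_roles (
         username  VARCHAR(32) NOT NULL,
         groupname VARCHAR(32) NOT NULL,
         PRIMARY KEY (username, groupname));
     The role table must use the same column name as userNameCol, and a user
     needs a row with groupname = 'wsuser' to pass the auth-constraint above.
     The realm account only needs SELECT on these two tables.
     The MySQL Connector/J jar must be on Tomcat's own classpath.
     Addition: with digest set, the password column holds the hex-encoded
     digest of the password instead of cleartext. -->
<Realm className="org.apache.catalina.realm.JDBCRealm"
       driverName="com.mysql.jdbc.Driver"
       connectionURL="jdbc:mysql://localhost:3306/wsauth"
       connectionName="REALM_DB_USER"
       connectionPassword="REALM_DB_PASSWORD"
       userTable="users" userNameCol="username" userCredCol="password"
       userRoleTable="user_roles" roleNameCol="groupname"
       digest="SHA" />
```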
