We just made a service that uses authenticated user data. It sounds like, from your previous emails, that you did get user authentication working with your container, so your question might be directed to this group.
The MessageContext object might have what you need. Check this out: http://ws.apache.org/axis/java/apiDocs/org/apache/axis/MessageContext.html I've retrieved user data like this: MessageContext mc = MessageContext.getCurrentContext(); //should be able to retrieve username from message context String username = mc.getUsername(); it sounds like you want the getRoles() method, which (from the API) hasn't been implemented yet. You might be able to work around this for now if you can access your roles (RDBMS, properties file) by looking them up through the username. That's what we do. brian On Apr 6, 2005 9:59 AM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > You can map this in users.xml. See the tomcat list for details. > > Gregory P Bobak > > > > > "Keith Hatton" <[EMAIL PROTECTED]> > > 04/06/2005 11:00 AM > > Please respond to > [email protected] > > > To <[email protected]> > > cc > > > Subject RE: JAX-RPC web service in Axis, > servletEndpointContext.isUserInRole(), how to map users to > roles? > > > > > > Hi Merten, > > I suggest you ask this question on a Tomcat list. You are right, this is > a J2EE feature. I would expect this to work in Axis, but you will need > to configure your deployment descriptors for your application server to > make this work. > > Hope this helps > Keith > > > -----Original Message----- > From: Merten Schumann [mailto:[EMAIL PROTECTED] > Sent: 06 April 2005 14:11 > To: [email protected] > Subject: RE: JAX-RPC web service in Axis, > servletEndpointContext.isUserInRole(), how to map users to > roles? > > > Hello, > > some time before I asked this question here, maybe in 2005 someone could > help me out :-) I'm still having problems with these "logical roles". I > don't know how > (where?) to map my logical roles from web.xml to physical roles. Is this > a J2EE feature and not supported in Axis? > > Thank you! > Merten > > > -----Original Message----- > > From: Merten Schumann [mailto:[EMAIL PROTECTED] > > Sent: Friday, October 15, 2004 9:43 AM > > To: [email protected] > > Subject: Re: JAX-RPC web service in Axis, > > servletEndpointContext.isUserInRole(), how to map users > to roles? > > > > Any answers here? I'm still in trouble with this > > servletEndpointContext.isUserInRole("my_role") > > stuff, it never returns true since I still don't know how to introduce > > > user roles (not groups) in Axis (in Tomcat) > > > > Thank you! > > Merten > > > > > -----Original Message----- > > > From: Merten Schumann [mailto:[EMAIL PROTECTED] > > > Sent: Tuesday, October 12, 2004 11:12 AM > > > To: [email protected] > > > Subject: JAX-RPC web service in Axis, > > > servletEndpointContext.isUserInRole(), how to map > users to roles? > > > > > > This is a repost with a different subject, maybe I do get > > > with this new > > > subject responses here. :-) > > > > > > I got a simple service with basic auth running in Axis, Hurray! For > > > that, following some documentation I created a .war > > with axis.jar > > > and all in it to have my own web app. Works fine. :-) > > > > > > Now I do call in the service implementation > > > servletEndpointContext.isUserInRole("my_role") > > > and get all the time false returned. > > > Hmmm, could it be that in Axis/Tomcat the concept of these "logical" > > > > roles isn't implemented and we have "only" users and groups? > > > > > > My web.xml contains link to my_role: > > > <security-constraint> > > > <display-name>SecurityConstraint</display-name> > > > <web-resource-collection> > > > <web-resource-name>WRCollection</web-resource-name> > > > <url-pattern>/services</url-pattern> > > > <http-method>POST</http-method> > > > </web-resource-collection> > > > <auth-constraint> > > > <role-name>my_role</role-name> > > > </auth-constraint> > > > <user-data-constraint> > > > <transport-guarantee>NONE</transport-guarantee> > > > </user-data-constraint> > > > </security-constraint> > > > <login-config> > > > <auth-method>BASIC</auth-method> > > > </login-config> > > > <security-role> > > > <role-name>my_role</role-name> > > > </security-role> > > > > > > When I deploy to Sun App server, I have in sun-web.xml > > > <security-role-mapping> > > > <role-name>my_role</role-name> > > > <group-name>my_group1</group-name> > > > </security-role-mapping> > > > to map the logical role (my_role) to a group (my_group1). > > The group is > > > physically existing in the Sun App server. Then, > > > isUserInRole("my_role") returns true. In the App Server's > > admin, I do > > > setup groups, not roles. In conf/tomcat-users.xml, probably > > the roles > > > mean groups. I tried to put there a <group> Element, seems to > > > work. But > > > how (where?) to map the group to a role, as I can do in sun-web.xml? > > > > > > Could you help me here, how to manage this logical role stuff in > > > Axis/Tomcat? Thank you! > > > Merten > > > > > > >
