can you post your client code and deserializer code?
-----Original Message-----
From: Bobba, Ramesh [mailto:[EMAIL PROTECTED]
Sent: Thu 3/4/2004 11:01 AM
To: '[EMAIL PROTECTED]'
Cc:
Subject: RE: EJB Authentication
Hi,
I got this working (kinda) in the sense that the server works fine. It
executes the ejb methods and returns a soap message (according to what I see in the
logs), but on the client side I get an AxisFault saying: Dose anyone know why? I have
all the generated client side classes in the class path! I am also attaching the
client code.
Thanks,
Ramesh.
org.xml.sax.SAXException: Deserializing parameter 'findDeviceReturn': could
not find deserializer for type
{http://values.oampAdapter.insignia.com}FindDeviceResponse
at org.apache.axis.message.RPCHandler.onStartChild(RPCHandler.java:302)
at
org.apache.axis.encoding.DeserializationContextImpl.startElement(DeserializationContextImpl.java:963)
at
org.apache.axis.message.SAX2EventRecorder.replay(SAX2EventRecorder.java:198)
at
org.apache.axis.message.MessageElement.publishToHandler(MessageElement.java:722)
at org.apache.axis.message.RPCElement.deserialize(RPCElement.java:233)
at org.apache.axis.message.RPCElement.getParams(RPCElement.java:347)
at org.apache.axis.client.Call.invoke(Call.java:2272)
at org.apache.axis.client.Call.invoke(Call.java:2171)
at org.apache.axis.client.Call.invoke(Call.java:1691)
at GetInfo.main(GetInfo.java:147)
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: org.xml.sax.SAXException: Deserializing parameter
'findDeviceReturn': could not find deserializer for type
{http://values.oampAdapter.insignia.com}FindDeviceResponse
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace: org.xml.sax.SAXException:
Deserializing parameter 'findDeviceReturn': could not find deserializer for type
{http://values.oampAdapter.insignia.com}FindDeviceResponse
at org.apache.axis.message.RPCHandler.onStartChild(RPCHandler.java:302)
at
org.apache.axis.encoding.DeserializationContextImpl.startElement(DeserializationContextImpl.java:963)
at
org.apache.axis.message.SAX2EventRecorder.replay(SAX2EventRecorder.java:198)
at
org.apache.axis.message.MessageElement.publishToHandler(MessageElement.java:722)
at org.apache.axis.message.RPCElement.deserialize(RPCElement.java:233)
at org.apache.axis.message.RPCElement.getParams(RPCElement.java:347)
at org.apache.axis.client.Call.invoke(Call.java:2272)
at org.apache.axis.client.Call.invoke(Call.java:2171)
at org.apache.axis.client.Call.invoke(Call.java:1691)
at GetInfo.main(GetInfo.java:147)
-----Original Message-----
From: Keith Hatton [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 04, 2004 10:14 AM
To: [EMAIL PROTECTED]
Subject: RE: EJB Authentication
Hi Ramesh,
I think you may need to add a <security-constraint> section to the
web.xml. The Weblogic console is quite good for playing about with things like this
(unfortunately I'm away from the office at the moment). I also find Sun's DTD for
web.xml a good reference for things like this.
Basically, think of the Axis URLs as requiring username/password
authentication just as if they were standard HTML or JSP pages and secure them using
the deployment descriptor. Then the EJB access should work just as you expected.
Hope this helps
Keith
-----Original Message-----
From: Bobba, Ramesh [mailto:[EMAIL PROTECTED]
Sent: Thu 04/03/2004 16:59
To: '[EMAIL PROTECTED]'
Cc:
Subject: RE: EJB Authentication
Hi Keith,
I am using Weblogic right now (we also plan to support
websphere). I am a bit confused about what you mean by - replicating EJB security
constraints on the Axis servlet. Are you talking about adding the
<security-role><role-name>somerole</role-name></security-role> elements?
Thanks,
Ramesh.
-----Original Message-----
From: Keith Hatton [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 04, 2004 1:31 AM
To: [EMAIL PROTECTED]
Subject: RE: EJB Authentication
Hi Ramesh,
What app server are you using now?
I've had authentication working using Axis on Weblogic
and JBoss in the past, though I do remember it was more complicated than I expected.
The call.setUsername() and call.setPassword() approach looks fine from what I
remember, but maybe that information is not being passed on to the EJB container.
I seem to remember that what worked best was
replicating the EJB security constraints on the Axis servlet - i.e. adding them to
web.xml. That way, when the Axis EJB provider asks for an InitialContext to do its
lookup, it automatically presents the right username/password settings to the EJB
container.
Hope this helps
Keith
-----Original Message-----
From: Bobba, Ramesh [mailto:[EMAIL PROTECTED]
Sent: Thu 04/03/2004 00:49
To: Axis-User (E-mail)
Cc:
Subject: EJB Authentication
Hi,
I get an java.rmi.AccessException exception
because the EJBs that the
WebService implementation class is trying to
use are username/password
protected. We were using weblogic and with
that, the client was able to
authenticate by making call:
call.setProperty("javax.xml.rpc.security.auth.username", "username");
call.setProperty("javax.xml.rpc.security.auth.password", "password");
I tried using both the
call.setProperty(Call.USERNAME_PROPERTY,
"username")/call.setProperty(Call.PASSWORD_PROPERTY, "password)
and also
call.setUsername("username")/call.setPassword("password")
but both don't seem to work as I still keep
getting the AccessException:
Security Violation User '<anonymous>' has
insufficient permission to access
EJB
Does anyone know how to get around this
problem?
Thanks,
Ramesh.
<<winmail.dat>>
