Hello all,
I am testing authenticated access to a web service, with a security domain of
my own and username/password taken from a mySQL database. I am using JBoss
4.0.5 and JBossWS 2.0.3, and on my localhost I have the mySQL database from
where the username and password are taken, as well as the client.
Everything works perfectly when I have all things deployed locally (web
service, database, client). However, I run into problems when invoking the web
service deployed on a remote machine.
On the remote server console a "no route to host" error appears:
anonymous wrote :
| Caused by: com.mysql.jdbc.CommunicationsException: Communications link
failure due to underlying exception:
|
| ** BEGIN NESTED EXCEPTION **
|
| java.net.SocketException
| MESSAGE: java.net.NoRouteToHostException: No route to host
|
| STACKTRACE:
|
| java.net.SocketException: java.net.NoRouteToHostException: No route to host
| at
com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:156)
| at com.mysql.jdbc.MysqlIO.(MysqlIO.java:284)
|
On the client side I receive an "Unauthorized" error:
anonymous wrote : 3875 [main] DEBUG
org.jboss.remoting.transport.http.HTTPClientInvoker - Error invoking http
client invoker.
| org.jboss.ws.WSException: Invalid HTTP server response [401] - Unauthorized
| at
org.jboss.ws.core.soap.SOAPMessageUnMarshaller.read(SOAPMessageUnMarshaller.java:77)
| at
org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:175)
| ...
| javax.xml.ws.WebServiceException: java.io.IOException: Could not
transmit message
|
Using the default "JBossWS" security domain, with username "kermit" and
password "thefrog" taken from users.properties, works with both local and
remote deployment of my web service. So I was thinking maybe the data source is
not found?
However, the database seems to be correctly bound, judging by the server log
data:
anonymous wrote : INFO
[org.jboss.resource.adapter.jdbc.remote.WrapperDataSourceService] Bound
ConnectionManager 'jboss.jca:service=DataSourceBinding,name=jdbc/WSTwoDS' to
JNDI name 'java:jdbc/WSTwoDS'
Perhaps my client needs special jndi.properties settings? (pure brainstorming,
potentially stupid, based on some forum posts I browsed)
How my files look like:
Security-relevant annotations on Web Service (which is deployed as SLSB in an
ear):
@org.jboss.wsf.spi.annotation.WebContext(contextRoot = "/webservices-ws",
urlPattern="/services/WSTwo/*", authMethod="BASIC", transportGuarantee="NONE",
secureWSDLAccess=false)
| @SecurityDomain("wstwo")
| @RolesAllowed("friend")
In server/default/conf/login-config.xml on the remote machine I have added the
"wstwo" application policy thus:
<application-policy name="wstwo">
| <authentication>
| <login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
| flag="required">
| <module-option
name="dsJndiName">java:/jdbc/WSTwoDS</module-option>
| <module-option name="principalsQuery">
| select pass from USERS where login=?
| </module-option>
| <module-option name="rolesQuery">
| select role,'Roles' from USER_ROLES where login=?
| </module-option>
| </login-module>
| </authentication>
| </application-policy>
And the data source for the web service is defined in the
server/default/deploy/*-ds.xml file like this:
<local-tx-datasource>
| <jndi-name>jdbc/WSTwoDS</jndi-name>
|
<connection-url>jdbc:mysql://IP_OF_MY_LOCALHOST:3306/security</connection-url>
| ...
| </local-tx-datasource>
And of course the tables as described in the application policy are defined on
my local machine.
In the client I pass the username and password:
((BindingProvider)wstwo).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"user");
|
((BindingProvider)wstwo).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"pass");
Does anyone have any idea about where I'm doing something wrong? Thank you!
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4162598#4162598
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4162598
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
