Fabrizio Boco [http://community.jboss.org/people/fboco] created the discussion
"Web Service authentication" To view the discussion, visit: http://community.jboss.org/message/539248#539248 -------------------------------------------------------------- Hi guys, I have a seam application that exposes a WebService: @Stateless @RemoteBinding(jndiBinding = "Test") @WebService() @SOAPBinding(style = Style.RPC) @Remote(TestWsRemoteInterface.class) public class TestWs implements TestWsRemoteInterface { �...@persistencecontext() private EntityManager entityManager; �...@webmethod public int method1(bla bla) { .... } .... } Now I need to secure the methods, that is only authorized users should call them. Userid and password would be sufficient and I don't need any encryption. Following this document: http://community.jboss.org/wiki/JBossWS-Authentication http://community.jboss.org/wiki/JBossWS-Authentication I changed my Web Service as follows: @Stateless @RemoteBinding(jndiBinding = "Test") @WebService() @SOAPBinding(style = Style.RPC) @Remote(TestWsRemoteInterface.class) @SecurityDomain("JBossWS") @RolesAllowed("friend") public class TestWs implements TestWsRemoteInterface { ... } Authentication doesn't work, since I am still able to call the web service's methods without any restriction. Likely I am using the wrong configuration. Can anyone provide me a configuration document / example ? My environment is jboss 5.1.0, seam 2.2.0.GA. Thank you in advance Fab -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/539248#539248] Start a new discussion in JBoss Web Services at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044]
_______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
