Hi,
I am sorry for this posting, since I think this has been asked many many times.
I have read all the related topics and tried many things, but still I cannot
make my .NET client connect to my JBoss 4.0.5GA Webservices. My Visual Basic
2005 .NET client gives the error 'Authorization failed'. When I use @PermitAll
it works fine. I really hope somebody can help me, since I have an idea what to
do next.
What have I done:
1) Specified @SecurityDomain("AthenaWS") in the Webservice and added
@RolesAllowed("RegularUser") for all methods. The annotations of the class
start with:
@WebService (name="ApplicationEndPoint", serviceName="Application",
targetNamespace = "http://address:8080/athenaserver";)
@SOAPBinding (style=SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL,
parameterStyle = SOAPBinding.ParameterStyle.WRAPPED)
@Stateless
@Remote(ApplicationRemote.class)
@RemoteBinding(jndiBinding = "/ejb3/ApplicationEndPoint")
@SecurityDomain("AthenaWS")
public class etc
2) Added the following text to JBOSS_HOME/server/default/conf/login-config.xml:
<!-- A template configuration for the AthenaWS web application (and
transport layer!).
This defaults to the UsersRolesLoginModule the same as other and should be
changed to a stronger authentication mechanism as required.
-->
<application-policy name="AthenaWS">
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
<module-option
name="usersProperties">props/athenaws-users.properties</module-option>
<module-option
name="rolesProperties">props/athenaws-roles.properties</module-option>
<module-option
name="unauthenticatedIdentity">anonymous</module-option>
<module-option name="hashEncoding">base64</module-option>
<!--
<module-option name="hashAlgorithm">MD5</module-option> (when basic
works, I want to use digest authentication)
-->
</login-module>
</application-policy>
3) Placed athenaws-users.properties in the
JBOSS_HOME/server/default/conf/props, this has the following contents:
velzm=secret
4) Placed athenaws-roles.properties in the
JBOSS_HOME/server/default/conf/props, this has the following contents:
velzm=RegularUser
5) Downloaded Visual Basic 2005 Express Edition and SDK 2.0. I am using
InfoPath 2007 but this cannot work with JBoss secured webservices directly,
only using SharePoint Server this should be possible using UDC reading the
documentation. However, I don't want this additional layer, so I am trying to
make a work-a-round. I am using the tool wsdl.exe to generate a Visual Basic
class for the webservice. Later when this works, I want to see if it possible
to generate JavaScript code and embed this in the InfoPath form, so
distribution no problem. With VB I must distribute the dll, which would suck.
6) Extended the generated VB webservice class, since preAuthenticate according
to the topics gives problem. The VB code is:
Option Explicit On
Imports System
Imports System.IO
Imports System.Net
Imports System.Text
Public Class ApplicationWS
Inherits Application
Private nc As NetworkCredential = Nothing
Protected Overrides Function GetWebRequest(ByVal Uri As Uri) As
System.Net.WebRequest
Dim request As System.Net.HttpWebRequest = MyBase.GetWebRequest(Uri)
If (MyBase.PreAuthenticate) Then
Dim nc As System.Net.NetworkCredential =
MyBase.Credentials.GetCredential(Uri, "Basic")
Dim credBuf() As Byte = New
System.Text.UTF8Encoding().GetBytes(nc.Domain + "\" + nc.UserName + ":" +
nc.Password)
If Not credBuf Is Nothing Then
request.Headers("Authorization") = "Basic " +
Convert.ToBase64String(credBuf)
End If
End If
GetWebRequest = request
End Function
Public Overloads Function getExchanges() As String()
Dim parms As New getExchanges
Return MyBase.getExchanges(parms)
End Function
Public Sub New()
MyBase.New()
MyBase.PreAuthenticate = False
End Sub
Public Sub New(ByVal domain As String, ByVal user As String, ByVal password
As String)
MyBase.New()
MyBase.Credentials = New NetworkCredential(user, password, domain)
MyBase.PreAuthenticate = True
End Sub
End Class
7) Testing the stuff, by the following VB code:
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Dim application As New ApplicationWS("AthenaWS", "velzm", "secret")
Dim count As Integer
Try
Dim exchanges() As String = application.getExchanges()
For count = 0 To exchanges.Length - 1
Console.WriteLine(exchanges(count))
Next count
Console.Beep()
Catch ex As Exception
MsgBox("ex=" + ex.Message)
End Try
End Sub
This results in the message 'Authorization failure'. What's wrong ?
- In JBoss 4.0.5GA I don't see an annotation of validateUnauthorizedTrue, so I
cannot set this to true.
Question which I have, is this option still necessary to set in JBoss 4.0.5GA ?
- JBOSS_HOME/server/default/logs/server.log shows the following line:
2006-12-02 09:18:20,062 DEBUG [jbossws.SOAPMessage] Incomming SOAPMessage
<soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'
xmlns:xsd='http://www.w3.org/2001/XMLSchema'
xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'>
<soap:Header/>
<soap:Body>
</soap:Body></soap:Envelope>
Question which I have, where is the authentication header ?? I have used the
debugger for overridded function GetWebRequest and this is called correctly,
but is it not sending the information ? Or is it sending the information, but
not showing up in the log ?
I really need some suggestions, since I am stuck.
Thanks in advance,
Marcel van Velzen
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3990739#3990739
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3990739
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
