> -----Original Message-----
> From: SaravananRamamoorthy [mailto:[email protected]]
> Sent: Friday, February 05, 2010 2:20 AM
> To: [email protected]
> Subject: securing JAX RS
>
>
> Dear All,
>
> To retrieve the Basic Authentication credentials using JAX RS, what
are
> the
> steps to be followed.
>
> 1. Any configuration need in web.xml?
I believe if you haven't configured security in web.xml, the
Authorization header will not get to the app. You'll need something
like the following, and I'm not going to guess what detailed settings
you need, you'll have to research this somewhat:
<security-constraint>
<web-resource-collection>
<web-resource-name>MyAppName</web-resource-name>
<url-pattern>/myurlpattern/*</url-pattern>
<url-pattern>/anotherurlpattern</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>SomeRole</role-name>
</auth-constraint>
<user-data-constraint>
<!--<transport-guarantee>NONE</transport-guarantee>-->
<transport-guarantee>INTEGRAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>myrealm</realm-name>
</login-config>
<security-role>
<role-name>SomeRole</role-name>
</security-role>
<security-role>
<role-name>SomeOtherRole</role-name>
</security-role>
<security-role>
<role-name>StillAnotherRole</role-name>
</security-role>
<security-role>
<role-name>AnotherRole</role-name>
</security-role>
