Have a look at this example: http://svn.apache.org/repos/asf/servicemix/smx3/trunk/samples/ws-sec/ Your configuration should define that authorization is needed for the given service. Make sure the "test" prefix has been declared in the security.xml config file, but it should work.
For LDAP, authentication would need to write a custom JAAS login module, (ServiceMix does not provide any, but Geronimo has one you could use IIRC) and authorization would require coding a custom AuthorizationMap instead of the one define statically in the security.xml. On Mon, May 12, 2008 at 2:44 PM, pratibhaG <[EMAIL PROTECTED]> wrote: > > Hi, > > I could achieve authentication using LDAP successfully, but not able to > authorize the request > here is my http consumer: > > <http:endpoint service="test:servicehttp" > endpoint="consumerhttp" > role="consumer" > locationURI="http://localhost:8889"; > defaultMep="http://www.w3.org/2004/08/wsdl/in-out"; > soap="true" > targetService="test:MyS1PojoService" > targetEndpoint="myS1PojoSu" > authMethod="BASIC"> > > Here is my login.properties > > servicemix-domain { > sample.module.LdapLoginModule REQUIRED > userProvider="ldap://ip:port/ou=Users,dc=site"; > userFilter="(&(uid={USERNAME})(objectClass=inetOrgPerson))" > useSSL=false > debug=true;}; > > This works for authentication but not for authorization. How can I achieve > authorization. > > What role groups.properties plays in authorization? > > I tried this in groups.properties > myrole=esbtest > > I tried this in security.xml > <sm:authorizationEntries> > <sm:authorizationEntry service="test:MyS1PojoService" roles="myrole" > /> > </sm:authorizationEntries> > > Still the request is never authorized. I did even get any error > > This is what I got at the log > > DEBUG - ConsumerProcessor - Receiving HTTP request: GET / > HTTP/1.1 > Host: localhost:8889 > User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.8.1) > Gecko/20061023 SUSE/2.0-30 Firefox/2.0 > Accept: > > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 > Accept-Language: en-us,en;q=0.5 > Accept-Encoding: gzip,deflate > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > Keep-Alive: 300 > Connection: keep-alive > Authorization: Basic ZXNidGVzdDplc2I= > > > DEBUG - HttpComponent - Retrieving proxied endpoint > definition > DEBUG - BeanComponent - Querying service description for > > ServiceEndpoint[service={http://www.in2n.com/test}MyS1PojoService,endpoint=myS1PojoSu] > DEBUG - BeanComponent - No description found for > {http://www.in2n.com/test}MyS1PojoService:myS1PojoSu > > > How to achieve authorization? > thanks, > Pratibha > > -- > View this message in context: > http://www.nabble.com/How-to-achieve-Authorization-using-LDAP--tp17186833p17186833.html > Sent from the ServiceMix - User mailing list archive at Nabble.com. > > -- Cheers, Guillaume Nodet ------------------------ Blog: http://gnodet.blogspot.com/
