cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Setting an Authentication Level for a WS using Deployment Descriptor Files

roberto_mazzola
Explorer

on ‎01-06-2010 10:25 AM

0 Kudos

Hi

I'm developing WS with authentication level BASIC but I have some problem deploying it.

I read from https://cw.sdn.sap.com/cw/docs/DOC-106319 how to setting authentication level using annotation, but I cannot use annotation because my WS are cross-platform (they can be executed on SAP NetWeaver AS, JBoss, IBM WebSphere).

My WS is based on a stateless EJB Session 2.1.

My ejb-jar contains security-role-ref.

<?xml version="1.0" encoding="UTF-8"?>
<ejb-jar id="ejb-jar_ID" version="2.1" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/ejb-jar_2_1.xsd">
	<enterprise-beans>
		<session id="AsyncOrd10">
			<description>AsyncOrd10</description>
			<ejb-name>AsyncOrd10</ejb-name>
			<local-home>com.dat.now.ws.ord.AsyncOrd10Home</local-home>
			<local>com.dat.now.ws.ord.AsyncOrd10</local>
			<service-endpoint>com.dat.now.ws.ord.AsyncOrd10WS</service-endpoint>
			<ejb-class>com.dat.now.ws.ord.AsyncOrd10EJB</ejb-class>
			<session-type>Stateless</session-type>
			<transaction-type>Container</transaction-type>
			<resource-ref id="AsyncOrd10Ref">
				<description>Reference to the DataSource used by AsyncOrd10</description>
				<res-ref-name>jdbc/AsyncOrd10</res-ref-name>
				<res-type>javax.sql.DataSource</res-type>
				<res-auth>Container</res-auth>
			</resource-ref>
			<security-role-ref id="SecurityRoleRef_AsyncOrd10">
				<role-name>everyone</role-name>
				<role-link>everyone</role-link>
			</security-role-ref>
		</session>
	</enterprise-beans>
	<assembly-descriptor id="assembly-descriptor_ID">
		<security-role id="SecurityRole_everyone">
			<role-name>everyone</role-name>
		</security-role>
		<security-role id="SecurityRole_sysadm">
			<role-name>sysadm</role-name>
		</security-role>
		<method-permission id="MethodPermission_AsyncOrd10">
			<role-name>everyone</role-name>
			<method id="MethodElement_AsyncOrd10">
				<ejb-name>AsyncOrd10</ejb-name>
				<method-name>*</method-name>
			</method>
		</method-permission>
		<container-transaction id="container-transaction_AsyncOrd10">
			<method id="AsyncOrd10_methods">
				<ejb-name>AsyncOrd10</ejb-name>
				<method-name>*</method-name>
			</method>
			<trans-attribute>Required</trans-attribute>
		</container-transaction>
	</assembly-descriptor>
</ejb-jar>

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

roberto_mazzola
Explorer
‎01-06-2010 10:37 AM
0 Kudos

for JBoss I can set in the jboss.xml the auth-method (under the port-component)


<?xml version="1.0" encoding="UTF-8"?>
<jboss>
	<security-domain>java:/jaas/absolut</security-domain>
	<enterprise-beans>
		<session>
			<ejb-name>AsyncOrd10</ejb-name>
			<local-jndi-name>com.dat.now.ws.ord.AsyncOrd10</local-jndi-name>
			<port-component>
			<port-component-name>AsyncOrd10WSPort</port-component-name>
				<port-component-uri>AsyncOrd10</port-component-uri>
				<auth-method>BASIC</auth-method>
			</port-component>

			<resource-ref>
				<res-ref-name>jdbc/AsyncOrd10</res-ref-name>
				<res-type>javax.sql.DataSource</res-type>
				<jndi-name>java:/now</jndi-name>
			</resource-ref>
		</session>
	</enterprise-beans>
</jboss>

For IBM WebSphere I should use an additional step in the deploy

Maybe I missing something in the ejb-j2ee-engine.xml ?

this is it :


<?xml version="1.0" encoding="UTF-8"?>
<ejb-j2ee-engine>
	<enterprise-beans>
		<enterprise-bean>
			<ejb-name>AsyncOrd10</ejb-name>
			<jndi-name>com.dat.now.ws.ord.AsyncOrd10</jndi-name>
			<resource-ref>
				<res-ref-name>jdbc/AsyncOrd10</res-ref-name>
				<res-link>now</res-link>
			</resource-ref>
		</enterprise-bean>
	</enterprise-beans>
<security-permission>
<security-role-map>
<role-name>everyone</role-name>
<server-role-name>all</server-role-name>
</security-role-map>
<security-role-map>
<role-name>sysadm</role-name>
<server-role-name>administrators</server-role-name>
</security-role-map>
</security-permission>

</ejb-j2ee-engine>

Thanks

Show replies
Show replies
Ask a Question