Title: EJB Authentication
|
Hi
Keith,
I am
using Weblogic right now (we also plan to support websphere). I am a bit
confused about what you mean by - replicating EJB security constraints on the
Axis servlet. Are you talking about adding the
<security-role><role-name>somerole</role-name></security-role>
elements?
Thanks,
Ramesh.
Hi Ramesh,
What app server are you using now?
I've had authentication working using Axis on Weblogic and JBoss in
the past, though I do remember it was more complicated than I expected. The
call.setUsername() and call.setPassword() approach looks fine from what I
remember, but maybe that information is not being passed on to the EJB
container.
I seem to remember that what worked best was replicating the EJB security
constraints on the Axis servlet - i.e. adding them to web.xml. That way, when
the Axis EJB provider asks for an InitialContext to do its lookup, it
automatically presents the right username/password settings to the EJB
container.
Hope this helps
Keith
-----Original Message-----
From: Bobba, Ramesh
[mailto:[EMAIL PROTECTED]
Sent: Thu 04/03/2004 00:49
To: Axis-User (E-mail)
Cc:
Subject: EJB
Authentication
Hi,
I get an java.rmi.AccessException exception
because the EJBs that the
WebService implementation class is trying to
use are username/password
protected. We were using weblogic and with
that, the client was able to
authenticate by making
call:
call.setProperty("javax.xml.rpc.security.auth.username",
"username");
call.setProperty("javax.xml.rpc.security.auth.password",
"password");
I tried using both
the
call.setProperty(Call.USERNAME_PROPERTY,
"username")/call.setProperty(Call.PASSWORD_PROPERTY,
"password)
and
also
call.setUsername("username")/call.setPassword("password")
but
both don't seem to work as I still keep getting the
AccessException:
Security Violation User '<anonymous>' has
insufficient permission to access
EJB
Does anyone know how to get
around this
problem?
Thanks,
Ramesh.
|
