Steve Cohen [http://community.jboss.org/people/stevecoh4] created the discussion
"Re: Session-based web service with JBossWS?" To view the discussion, visit: http://community.jboss.org/message/633099#633099 -------------------------------------------------------------- Hmm, tough crowd. 38 people have looked at this an nobody's biting. Seems like I'm really swimming against the current here - again :( . I always seem to wind up doing that. ;) But truly, my use case is valid. I want to wrap a service as a web service so that more than hardwired clients can use it. There is a real need for session - consider the example of a phone call. It's not a bunch of discrete messages, it's a CONVERSATION. That's what I'm trying to implement. Anyhoo... One possible solution approach I've come up with is here: http://docs.jboss.org/ejb3/app-server/reference/build/reference/en/html/partial_deployment_descriptors.html http://docs.jboss.org/ejb3/app-server/reference/build/reference/en/html/partial_deployment_descriptors.html In a partial deployment descriptor I can specify METHOD-level permissions. So, if this works, login can be protected, other methods not. In exploring this, I soon bump up against my first problem. As soon as I create a partial deployment descriptor, before I even put anything in it, my web service which was successfully validating every method, now fails with this: 13:29:45,877 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found at org.jboss.security.auth.spi.Util.loadProperties(Util.java:198) at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186) ... It's no longer looking for jbossws-users.properties - now it's looking for users.properties. So, at this point do I need to replace jbossws-users.properties with users.properties (realizing that all this eventually goes away when I hook a real LoginModule) or is there something else I can do? Also, will the @PermitAll annotation conflict with the JBoss @WebContext.authMethod stuff? Thanks. -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/633099#633099] Start a new discussion in JBoss Web Services at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044]
_______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user