There is a test case for ejb security web service sample, please refer to https://svn.apache.org/repos/asf/geronimo/server/branches/2.2/testsuite/webservices-testsuite/jaxws-tests/jaxws-ejb-sec
2010/8/26 Faw <fawzib.ro...@gmail.com> > > I want to secure my SOAP webservice with basic authentication. I searched > in > the knowledgebase and found this: > > > https://cwiki.apache.org/GMOxKB/how-do-i-enable-security-for-ejb-web-service.html > > So I tried and added that to my configuration, this is part my > openejb-jar.xml > > <ejb:enterprise-beans> > <ejb:session> > <ejb:ejb-name>loggers-rpc</ejb:ejb-name> > <ejb:web-service-security> > <ejb:security-realm-name>geronimo-admin</ejb:security-realm-name> > <ejb:transport-guarantee>NONE</ejb:transport-guarantee> > <ejb:auth-method>BASIC</ejb:auth-method> > <ejb:http-method>POST</ejb:http-method> > <ejb:http-method>PUT</ejb:http-method> > </ejb:web-service-security> > </ejb:session> > </ejb:enterprise-beans> > > It gave me an error "Ejb app has method permissions but no security > configuration supplied in geronimo plan", so after searching around for a > while i found an answer (this should be mentioned and explained in that > same > wiki page), so i added the following to openejb-jar.xml: > > <sec:security> > <sec:role-mappings> > <sec:role role-name="admin"> > <sec:principal name="admin" > > class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"/> > </sec:role> > </sec:role-mappings> > </sec:security> > > and added the following to my service: > > @Stateless > @RolesAllowed("admin") > public class RegisterBean extends BaseService implements Register { > .... > } > > The service deploys well, when I try to call it (using the soapui generic > client) it with no user/password it fails (as it should), but when I use > username/password it also fails. I don't know what Im missing. Can anyone > give me any ideas? > -- > View this message in context: > http://apache-geronimo.328035.n3.nabble.com/Secure-WebService-with-BASIC-Authentication-tp1354513p1354513.html > Sent from the Users mailing list archive at Nabble.com. > -- Ivan