If it can be useful, this is a snippet from what I've changed in my
security.xml file to have basic-authentication working correctly:

    <!-- ======================== FILTER CHAIN ======================= -->
    <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
        <property name="filterInvocationDefinitionSource">
            <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
                /images/**=#NONE#
                /scripts/**=#NONE#
                /styles/**=#NONE#
                /services/**=httpSessionContextIntegrationFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,basicExceptionTranslationFilter,filterInvocationInterceptor
                /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
            </value>
            <!-- Put channelProcessingFilter before securityContextHolderAwareRequestFilter to turn on SSL switching -->
            <!-- It's off by default b/c Canoo WebTest doesn't support SSL out-of-the-box -->
        </property>
    </bean>

    <bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
        <property name="realmName" value="AppFuse Web Services"/>
    </bean>

    <bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="authenticationEntryPoint" ref="basicProcessingFilterEntryPoint"/>
    </bean>

    <bean id="basicExceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint" ref="basicProcessingFilterEntryPoint"/>
    </bean>


Now both endpoint and WSDL definition prompt for authentication in the
browser.
I'm still investigating if it is also possible to support WSS, which would be
preferable for my application, following the hints I've found here:
 
http://www.vorburger.ch/blog1/2006/10/propagating-acegis-security-context-in.html

Marcello


mraible wrote:
> 
> Do you have webservices only - or are you serving up an HTML interface
> as well? I'd suggest modifying your filterChainProxy to have
> /services/**=filterChainWithBasicAuthenticationFilter.
> 
> Then adding basic authentication bean definitions to your security.xml.
> 
> Matt
> 
> On 10/24/07, George.Francis <[EMAIL PROTECTED]> wrote:
>>
>> Please help me get secure webservices running in my app!
>> I have added /services/**=ROLE_ADMIN,ROLE_USER to security.xml as instructed
>> in the tutorial (http://appfuse.org/display/APF/Web+Services).  What I need
>> to know is, has ANYONE got this successfully working?  If so could you
>> PLEASE post the request/response messages for any operation?  I have tried
>> authenticating in several different ways but no matter what I send my
>> webservice (once it's secured) I get a 302 redirect and it's driving me
>> mad.
>> Thanks in advance!!
>> --
>> View this message in context:
>> http://www.nabble.com/Secured-Webservice-tf4685214s2369.html#a13388798
>> Sent from the AppFuse - User mailing list archive at Nabble.com.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
> 
> 
> -- 
> http://raibledesigns.com

-- 
View this message in context: 
http://www.nabble.com/Secured-Webservice-tf4685214s2369.html#a13392365
Sent from the AppFuse - User mailing list archive at Nabble.com.

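
Added example, not part of the original messages and not AppFuse or Acegi code: a small checker that resolves which filter chain a request path falls into under a filterChainProxy definition like the one posted above, and so whether an unauthenticated web-service call gets a Basic challenge or the form-login redirect. The Ant matching is a simplified approximation, the filter lists are shortened, and it assumes the stock exceptionTranslationFilter points at the form-login entry point, which the thread does not show.

```python
import re

# Constructed sample: the <value> body posted above, filter lists cut to the deciding filters.
CHAIN_DEFINITION = """
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/images/**=#NONE#
/services/**=basicProcessingFilter,basicExceptionTranslationFilter,filterInvocationInterceptor
/**=authenticationProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
"""

def ant_to_regex(pattern):
    """Simplified Ant matcher: '**' spans directories, '*' and '?' stay in one segment."""
    out, i = "", 0
    while i < len(pattern):
        if pattern.startswith("/**", i) and i + 3 == len(pattern):
            out, i = out + "(/.*)?", i + 3  # trailing /** also matches the bare prefix
        elif pattern.startswith("**", i):
            out, i = out + ".*", i + 2
        elif pattern[i] in "*?":
            out, i = out + ("[^/]*" if pattern[i] == "*" else "[^/]"), i + 1
        else:
            out, i = out + re.escape(pattern[i]), i + 1
    return re.compile(out + r"\Z")

def resolve(definition, path):
    """Return (pattern, filters) of the first rule matching path, else (None, None)."""
    lines = [l.strip() for l in definition.splitlines() if l.strip()]
    if "CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON" in lines:
        path = path.lower()
    for line in lines:
        if "=" not in line:
            continue  # directive line, not a pattern
        pattern, filters = (part.strip() for part in line.split("=", 1))
        if ant_to_regex(pattern).match(path):
            return pattern, [] if filters == "#NONE#" else filters.split(",")
    return None, None

def challenge_style(filters):
    """Classify the reply to an unauthenticated request (bean names as in this thread)."""
    if not filters:
        return "unfiltered"
    # Assumption: exceptionTranslationFilter uses the form-login entry point (not shown here).
    basic = "basicExceptionTranslationFilter" in filters
    return "401 basic challenge" if basic else "302 to login form"

if __name__ == "__main__":
    for p in ("/services/UserService", "/mainMenu.html", "/images/logo.png"):
        print(p, "->", challenge_style(resolve(CHAIN_DEFINITION, p)[1]))
```

Because the first matching pattern wins, the /services/** line has to stay above /**; with it removed or moved below, the same path resolves to the form-login chain.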