Feel free to modify the wiki page! Matt
On 10/24/07, George.Francis <[EMAIL PROTECTED]> wrote: > > This works - thank's very much. I'd wholeheartedly recommend that this be > added as a note in the Webservice tutorial where it mentions securing the > webservice! > > > Marcello Teodori wrote: > > > > If it can be useful, this is a snippet from what I've changed in my > > security.xml file to have basic-authentication working correctly: > > > > <!-- ======================== FILTER CHAIN ======================= --> > > > <bean id="filterChainProxy" > > class="org.acegisecurity.util.FilterChainProxy"> <property > > name="filterInvocationDefinitionSource"> <value> > > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON > > PATTERN_TYPE_APACHE_ANT /images/**=#NONE# > > /scripts/**=#NONE# /styles/**=#NONE# > > > /services/**=httpSessionContextIntegrationFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,basicExceptionTranslationFilter,filterInvocationInterceptor > > > > > /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor > > </value> > > <!-- Put channelProcessingFilter before > > securityContextHolderAwareRequestFilter to turn on SSL switching --> > > <!-- It's off by default b/c Canoo WebTest doesn't support SSL > > out-of-the-box --> > > </property> > > </bean> > > > > <bean id="basicProcessingFilterEntryPoint" > > class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint"> > > <property name="realmName" value="AppFuse Web Services"/> > > </bean> > > > > <bean id="basicProcessingFilter" > > class="org.acegisecurity.ui.basicauth.BasicProcessingFilter"> > > <property name="authenticationManager" > > ref="authenticationManager"/> > > <property name="authenticationEntryPoint" > > ref="basicProcessingFilterEntryPoint" /> > > </bean> > > > > <bean id="basicExceptionTranslationFilter" > > class="org.acegisecurity.ui.ExceptionTranslationFilter"> > > <property name="authenticationEntryPoint" > > ref="basicProcessingFilterEntryPoint" /> > > </bean> > > > > > > Now both endpoint and WSDL definition prompt for authentication in the > > browser. > > I'm still investigating if it is also possible to support WSS, which would > > preferrable for my application, following the hints I've found here: > > > > > http://www.vorburger.ch/blog1/2006/10/propagating-acegis-security-context-in.html > > > > Marcello > > > > > > mraible wrote: > >> > >> Do you have webservices only - or are you serving up an HTML interface > >> as well. I'd suggest modifying your filterChainProxy to have > >> /services/**=filterChainWithBasicAuthenticationFilter. > >> > >> Then adding basic authentication bean definitions to your security.xml. > >> > >> Matt > >> > >> On 10/24/07, George.Francis <[EMAIL PROTECTED]> wrote: > >>> > >>> Please help me get secure webservices running in my app! > >>> I have added /services/**=ROLE_ADMIN,ROLE_USER to security.xml as > >>> instructed > >>> in the tutorial (http://appfuse.org/display/APF/Web+Services). What I > >>> need > >>> to know is, has ANYONE got this successfully working? If so could you > >>> PLEASE post the request/response messages for any operation? I have > >>> tried > >>> authenticating in several different ways but no matter what I send my > >>> webservice (once it's secured) I get a 302 redirect and it's driving me > >>> mad. > >>> Thanks in advance!! > >>> -- > >>> View this message in context: > >>> http://www.nabble.com/Secured-Webservice-tf4685214s2369.html#a13388798 > >>> Sent from the AppFuse - User mailing list archive at Nabble.com. > >>> > >>> --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: [EMAIL PROTECTED] > >>> For additional commands, e-mail: [EMAIL PROTECTED] > >>> > >>> > >> > >> > >> -- > >> http://raibledesigns.com > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > > > > > -- > View this message in context: > http://www.nabble.com/Secured-Webservice-tf4685214s2369.html#a13394903 > Sent from the AppFuse - User mailing list archive at Nabble.com. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- http://raibledesigns.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
