Secure Web Service with Basic Authentication in Jboss AS 7 Server
In this article, we will implement a web service with basic authentication using Jboss AS 7 server.
-
Create a Simple Web Service
Start with implementing a simple RPC servlet-based web service with JAX-WS.
-
Create a User in Jboss AS 7
New user in Jboss AS 7 is added with add-user utility. Run add-user.bat which is located in {jboss.home}/bin:
More details about "Add-user utility" read at Jboss Documentation.
-
Add allowed roles to Web Service Endpoint Implementation
@RolesAllowed({"newrole"}) @WebService(endpointInterface = "example.ExamClouds") public class ExamCloudsImpl implements ExamClouds { ... } -
Modify web.xml
Add security-role, security-constraint and login-config elements.
<security-role> <role-name>newrole</role-name> </security-role> <security-constraint> <web-resource-collection> <web-resource-name>ECCollection</web-resource-name> <url-pattern>/ExamClouds</url-pattern> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>newrole</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>ApplicationRealm</realm-name> </login-config> -
Create jboss-web.xml
<jboss-web> <security-domain>java:/jaas/other</security-domain> </jboss-web> -
Add authentication credentials to the client
ExamCloudsImplService service = new ExamCloudsImplService(); ExamClouds port = service.getExamCloudsImplPort(); BindingProvider prov = (BindingProvider) port; prov.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "newuser"); prov.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "new"); System.out.println(port.getSiteName()); System.out.println(port.getSiteDescription());
Read also: Курсы программирования Java с нуля, Java тесты онлайн, Вопросы на собеседовании по Java.
Please log in or register to have a possibility to add comment.