jaxws ejb3 endpoint http basic auth RolesAllowed in deployment descriptor

Latest response

JBoss EAP 6.3.0.GA (AS 7.4.0.Final-redhat-19)
JDK 1.7.0_75
RHEL 6.6

I have created a web service with ejb3 endpoint and packaged and deployed as ejb jar
https://github.com/sgurjar/jbossws.ejb3

I needed to set up http basic auth for the webservice http call. I could add jboss-webservices.xml
https://github.com/sgurjar/jbossws.ejb3/blob/master/src/main/resources/META-INF/jboss-webservices.xml

<webservices xmlns="http://www.jboss.com/xml/ns/javaee">
  <context-root>hr</context-root>
  <port-component>
    <ejb-name>HrServiceBean</ejb-name>
    <port-component-name>HumanResourcePort</port-component-name>
    <port-component-uri>/*</port-component-uri>
    <auth-method>BASIC</auth-method>
    <transport-guarantee>NONE</transport-guarantee>
    <secure-wsdl-access>false</secure-wsdl-access>
  </port-component>
</webservices>

But I couldn't find a way to configure security role in deployment descriptor, I used javax.annotation.security.RolesAllowed annotation and it worked. However, I want to do it in the deployment descriptor. Is there a way to do this in the deployment descriptor.

Thanks

Responses

If you are creating a EJB3 endpoint why don't want to use @RoleAllowed? If you are deploying this as a WAR you can add the security constraint to your web.xml I believe. Check out this article [1] however, as you're already using EJB3 endpoint, to NOT use annotations to configure the security side doesn't make much sense as it's the easiest and quickest way to get this to work.

Regards Mus

[1] https://access.redhat.com/solutions/22480

Thanks for you reply.

As I understand from your reply, If I package it as ejb jar then I have no choice but to use @RoleAllowed. However, I can set this up in the deployment descriptor if I package this as war. Since I want to use this component as both http webservice and ejb, resource references that I define in deployment descriptor needs to be in both ejb-jar.xml (jboss-ejb3.xml) and web.xml (jboss-web.xml), or just one, specifically in jboss-/web.xml when I package it as war.

Thanks for your help.