jaxws ejb3 endpoint http basic auth RolesAllowed in deployment descriptor
JBoss EAP 6.3.0.GA (AS 7.4.0.Final-redhat-19)
JDK 1.7.0_75
RHEL 6.6
I have created a web service with ejb3 endpoint and packaged and deployed as ejb jar
https://github.com/sgurjar/jbossws.ejb3
I needed to set up http basic auth for the webservice http call. I could add jboss-webservices.xml
https://github.com/sgurjar/jbossws.ejb3/blob/master/src/main/resources/META-INF/jboss-webservices.xml
<webservices xmlns="http://www.jboss.com/xml/ns/javaee">
<context-root>hr</context-root>
<port-component>
<ejb-name>HrServiceBean</ejb-name>
<port-component-name>HumanResourcePort</port-component-name>
<port-component-uri>/*</port-component-uri>
<auth-method>BASIC</auth-method>
<transport-guarantee>NONE</transport-guarantee>
<secure-wsdl-access>false</secure-wsdl-access>
</port-component>
</webservices>
But I couldn't find a way to configure security role in deployment descriptor, I used javax.annotation.security.RolesAllowed annotation and it worked. However, I want to do it in the deployment descriptor. Is there a way to do this in the deployment descriptor.
Thanks
Responses
If you are creating a EJB3 endpoint why don't want to use @RoleAllowed? If you are deploying this as a WAR you can add the security constraint to your web.xml I believe. Check out this article [1] however, as you're already using EJB3 endpoint, to NOT use annotations to configure the security side doesn't make much sense as it's the easiest and quickest way to get this to work.
Regards Mus
[1] https://access.redhat.com/solutions/22480
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
