  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-8890

EJB WS authentication not working when using "strict" allRolesMode in server.xml Realm


    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Rejected
    • Affects Version/s: EAP_EWP 5.1.2
    • Fix Version/s: None
    • Component/s: Web Services
    • Labels:
    • Environment:

      JBoss Enterprise Application Platform 5.1.2, both WS-native and WS-CXF affected

    • Steps to Reproduce:
      1. Deploy attached demo application
      2. Use e.g. SoapUI to test the web service
      3. Get a 40x (401 I think) page

    • Affects:
      Documentation (Ref Guide, User Guide, etc.)
    • Workaround:
      Workaround Exists
    • Workaround Description:
      use "authOnly" mode on Realm in server.xml

    • Release Notes Text:
      This behaviour is by design.
    • Docs QE Status:
      NEW

      Description

      The customer needs to use "strict" mode on the Realm in server.xml. According to the documentation, it requires web.xml; however, when using EJB Web Services there is no web.xml. Where does it pick the authorization configuration from? Clearly not ejb-jar.xml, but I'm trying to figure out whether it's a bug or a feature. Please note that using annotations like @RolesRequired and @SecurityDomain is not considered here.

      I'm attaching the example project web-service-test-app2.ear and jboss_config.zip.

      I also have an example project using POJO WS with web.xml. There, authorization works fine even with "strict" mode. Please request it if interested.


              People

              Assignee:
              ropalka Richard Opalka
              Reporter:
              adam.kovari Adam Kovari (Inactive)