We have a java ee 6 application deployed in glassfish v3.01, we would like to expose some of our EJB's as webservices but we are having trouble securing and authenticating the webservice endpoints. We are using a custom login module and realm. How do we go about authenticating the webservice calls?
Thanks Gideon
@WebService
@Stateless
@DeclareRoles({Role.WEBMASTER, Role.ACCOUNTADMIN, Role.ACCOUNTUSER})
@RolesAllowed({Role.WEBMASTER,Role.ACCOUNTADMIN,Role.ACCOUNTUSER})
public class SmppService
{
@EJB
private SmppEjb ejbRef;// Add business logic below. (Right-click in editor and choose
@WebMethod(operationName = "sendMessage")
@Oneway
public void sendMessage(@WebParam(name = "cellNumber")
St开发者_Go百科ring cellNumber, @WebParam(name = "message")
String message) {
ejbRef.sendMessage(cellNumber, message);
}
}
The username and password go in the http header. All soap clients should have a way to specify this. For instance, in our ruby code that uses soap4r it looks like this
instance = eval(@gateways[gateway]).new(url)
instance.options["protocol.http.auth"] << [url, @auth_data[user][0], @auth_data[user][1]]
instance.options['protocol.http.ssl_config.verify_mode'] = OpenSSL::SSL::VERIFY_NONE
@auth_data[user][0] is the username and @auth_datauser is the password.
If you are creating the header by hand, you have to use Digest Access Authentication
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论