Pazartesi, Şubat 22, 2010

Adding basic authentication mechanism to JAX-WS web services under Weblogic 10.3

all of us know writing web services with JAX-WS is a piece of cake. But adding basic authentication to these web services under Weblogic 10.3 might be a little annoying. Here is the basic steps to add basic authentication:

first we need to add following configuration to web.xml file of our application;

<!-- role name with access -->
<!-- BASIC authentication -->
<!-- Define security roles -->

after that we need to add following configuration to weblogic.xml file


and that's the all of the modifications we have to make in our application. Now we need to define role (DEFINED_WEBLOGIC_ROLE) and user (DEFINED_WEBLOGIC_USER) in the weblogic by using management console and following Security Realms -> myrealm -> Users and Groups -> Users/Groups menu steps. Don't forget to add the new created user to the group you just defined.

After restarting your server and application you can check security configuration by using following code
UserOperations userOperations = (new UserOperationsService()).getUserOperationsPort();
BindingProvider provider = (BindingProvider) userOperations;
provider.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "username");
provider.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "password");

or using soapui, you can set username and password in the Aut tab of the request as shown the picture below;

Hiç yorum yok: