Hi everyone,
I have just logged into this forum, because I found out that there are a lot of helpful information. I scrutinised it and unfortunately I did not find any useful information connected with my case. I would like to ask you is it possible to use secure webservices by JAAS. My simple webservices are invoked from android application using
soap and wsdl. I used JAAS for securing my web application so I think I understand how it works and I also read a few articles about using annotations to secure
EJB. My major problem is how to authenticate and authorize user by webservice. Here is an example:
It works without @SecurityDomain annotation. "EGpw" name is my login-config which I use in web application and it works too. My questions is how to authenticate and authorize user by other @WebMethod to let him invoke getHistory method. Currently, with @SecurityDomain annotation invoking any of my methods gives me EJBAccessException: Invalid User
I really appreciate any help, sorry for my english, hope you understand what I meant
Michal