It's not a secret anymore!*
The moose likes Web Services and the fly likes Weblogic security - ajax web service Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Weblogic security - ajax web service" Watch "Weblogic security - ajax web service" New topic
Author

Weblogic security - ajax web service

clyles
Greenhorn

Joined: Apr 30, 2002
Posts: 7
Has anyone created a ajax WebService, then deployed your application within Weblogic and allowed for an unauthenticated user to access that service?

We have developed an application that includes several security constraints that provide access to areas of the app for authenticated users. But, now I would like for someone (anyone) to access a URL without being authenticated.

Within the web.xml, I've created a security constraint that that I assumed would allow anyone access:

This configuration works locally, but not when deployed to the dev server.


I've even tried providing an auth-constraint:


When I try to access the URL: http://localhost:8080/services/MyService, I get an error stating: faultString: org.xml.sax.SAXParseException: White spaces are required between publicId and systemId.

But, if I log in to the application then use that URL, I'm able to see the available webservices.

How do I get around the authentication??

Thanks!
Peer Reynders
Bartender

Joined: Aug 19, 2005
Posts: 2906
Welcome to JavaRanch "WhyMe",

Please check your private messages.


"Don't succumb to the false authority of a tool or model. There is no substitute for thinking."
Andy Hunt, Pragmatic Thinking & Learning: Refactor Your Wetware p.41
Scott Selikoff
Saloon Keeper

Joined: Oct 23, 2005
Posts: 3697
    
    5

"clyles"

Your name still does not conform to the JavaRanch Naming Policy. Please review the policy and update it appropriately. This is your second warning.

Scott Selikoff


My Blog: Down Home Country Coding with Scott Selikoff
 
Don't get me started about those stupid light bulbs.
 
subject: Weblogic security - ajax web service
 
Similar Threads
Security Doubt
If http-method is not specified, then nobody can access the resource ?
related to auth constraint
Question on multiple security-constraint elements
Tomcat authentication and RACF