This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes JBoss/WildFly and the fly likes JBoss AS 6 SSL HTTPS WebService Access and LDAP Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "JBoss AS 6 SSL HTTPS WebService Access and LDAP Authentication" Watch "JBoss AS 6 SSL HTTPS WebService Access and LDAP Authentication" New topic
Author

JBoss AS 6 SSL HTTPS WebService Access and LDAP Authentication

Fabio Navarrete
Greenhorn

Joined: Jan 09, 2013
Posts: 2
Hi!

I've successfully configured JBoss to receive https requests with a self-signed certificate. I have a web service deployed that authenticates against my LDAP server with this application policy:



My web.xml file has the next config to enable https access:



The authentication was working without the set up for https access. When the web service is up in https mode it doesn't make any authentication process.

My EJB - web service class looks this way:



By now I need to have both of them working. I need the web service to work with https access and the authentication against my LDAP server.

Thank you for your help!
Jaikiran Pai
Marshal

Joined: Jul 20, 2005
Posts: 9953
    
163

Fabio, welcome to CodeRanch!

When the web service is up in https mode it doesn't make any authentication process.


What exactly happens? Do you see any error messages or does it just allow access to the component without any authentication?


[My Blog] [JavaRanch Journal]
Fabio Navarrete
Greenhorn

Joined: Jan 09, 2013
Posts: 2
Hi Jaikiran!

Thank you for your help, what was happening was that it allowed the access without any authentication. Right now I've found the solution. It's kind of weird because the change I made is not a big deal. It works with the next annotations config:

- My web.xml is now empty

- My EJB - Web Service:




With this change what I've got is that now the web service is exposed directly in a https://... URL. With the former config it was always exposed in http://... and now the authentication process is done correctly. To prevent simple http conections I removed the http connector from JBoss config (jbossweb.sar/server.xml). I would like to know if there's a better option to avoid http connections just for my application and not the whole server.

Thank you!

(btw ... I don't know if right now I should mark this topic as resolved)
 
 
subject: JBoss AS 6 SSL HTTPS WebService Access and LDAP Authentication
 
Similar Threads
Enable Security for JBoss + WS
Configuring the application policy in login-config.xml for LDAP Apache DS
Example Code for JAAS with JBoss? Got it to work by "fudging." How do Right?
LdapLoginModule - almost working
JBOSS LdapLoginModule authentication. Help needed for code to use LoginContext