JBoss AS 7: Hello World WebService with Database Authentication/Authorization

adevedo's picture
0
No votes yet

JBoss AS 7, the latest major release of the open source application server developed by Red Hat, many enhancements were done in that release, as said by Red Hat, Blazingly fast (<3s startup), Lightweight, Modular core, Hot, parallel deployment, Elegant administration, Domain management, and First class components. In this article I explain how to make an EJB based CXF WebService with Basic Authentication and Database authentication/authorization module.

The first step is to create the database model that will represent the users roles repository for authentication and authorization

CREATE TABLE "S_USER" ("ID" NUMBER, "USERNAME" VARCHAR2(500 CHAR), "PASSWORD" VARCHAR2(100));
CREATE TABLE "S_GROUP" ("ID" NUMBER, "NAME" VARCHAR2(500 CHAR));
CREATE TABLE "S_ROLE" ("ID" NUMBER, "NAME" VARCHAR2(500 CHAR));
CREATE TABLE "S_USER_GROUP" (USER_ID NUMBER, GROUP_ID NUMBER);
CREATE TABLE "S_GROUP_ROLE" (GROUP_ID NUMBER, ROLE_ID NUMBER);

Add role called "say-hello" to roles table

The model means, every user can have many groups and each group can have many roles assigned (only 1 role in our case).

Add the required relations and constraints(i.e. primary key, unique constraint...etc) to your model

The second step is to configure jboss datasources and add our database datasource to the "standalone-full-ha.xml" configuration file - located under "JBOSS_HOME/standalone/configuration"

Inside section "", add the following datasource to connect to an Oracle database, connection url will be changed in case of another database

  1. <datasource jta="true" jndi-name="java:/MY_DB_DS" pool-name="MY_DB_DS" enabled="true" use-java-context="true" use-ccm="true">
  2.         <connection-url>jdbc:oracle:thin:@DB_IP:DB_PORT:DB_SERVICE_NAME</connection-url>
  3.         <driver>ojdbc6_g.jar</driver>
  4.         <pool>
  5.                 <min-pool-size>10</min-pool-size>
  6.                 <max-pool-size>100</max-pool-size>
  7.                 <use-strict-min>false</use-strict-min>
  8.                 <flush-strategy>FailingConnectionOnly</flush-strategy>
  9.         </pool>
  10.         <security>
  11.                 <user-name>DB_USERNAME</user-name>
  12.                 <password>DB_PASSWORD</password>
  13.         </security>
  14. </datasource>

where DB_IP, DB_PORT, DB_SERVICE_NAME, DB_USERNAME and DB_PASSWORD are the Database IP, Database Port, Database Service Name, Database Username and Database Password. Also make sure that the Jar file ojdbc6_g.jar - Oracle DB drive - is deployed into folder deployments - in Jboss 7, database drivers can be deployed in the same way of deploying EAR or WAR files and also can be configured in the standalone configuration file

The next step is to create a security domain for our web service, under section "", add the following:

  1. <security-domain name="helloworld-webservice-login">
  2.         <authentication>
  3.                 <login-module code="Database" flag="required">
  4.                         <module-option name="dsJndiName" value="java:/MY_DB_DS"/>
  5.                         <module-option name="principalsQuery" value="select password from s_user where s_user.username=?"/>
  6.                         <module-option name="rolesQuery" value="select name, 'Roles' from s_role where id in (select ROLE_ID from s_group_role, s_group, s_user, s_user_group where s_user.id=s_user_group.user_id and s_user_group.group_id=s_group.id and s_group_role.group_id=s_group.id and s_user.username=?)"/>
  7.                         <!-- Remove or Change based on your password encryption technique -->
  8.                         <module-option name="hashAlgorithm" value="SHA1"/>
  9.                         <module-option name="hashEncoding" value="base64"/>
  10.                 </login-module>
  11.         </authentication>
  12. </security-domain>

The next step  is to create an EJB3 project and add the following interface and class to package "com.helloworld":

Service Interface

  1. package com.helloworld;
  2.  
  3. public interface HelloWorldWebServiceRemote {
  4.         String sayHello();
  5. }

Service Implementation Class

  1. package com.helloworld;
  2.  
  3. import javax.annotation.security.RolesAllowed;
  4. import javax.ejb.Stateless;
  5. import javax.jws.WebService;
  6.  
  7. import org.jboss.ejb3.annotation.SecurityDomain;
  8. import org.jboss.ws.api.annotation.WebContext;
  9.  
  10. @Stateless
  11. @WebService(name = "HelloWorldWS", targetNamespace="http://my-company/ws/")
  12. @WebContext(authMethod = "BASIC", contextRoot = "helloWS", urlPattern = "/*")
  13. @SecurityDomain("helloworld-webservice-login")
  14. public class HelloWorldWebService implements HelloWorldWebServiceRemote {
  15.  
  16.         @RolesAllowed("say-hello")
  17.         public String sayHello() {
  18.                 return "Hello World";
  19.         }
  20. }

The final step is to start JBoss:

  • For Linux : Edit the file "JBOSS_HOME/bin/standalone.conf", change the line JAVA_OPTS="$JAVA_OPTS -Djboss.server.default.config=standalone.xml" to be JAVA_OPTS="$JAVA_OPTS -Djboss.server.default.config=standalone-full-ha.xml", then start JBoss using the command ./standalone.sh
  • For Windows : Edit the file "JBOSS_HOME/bin/standalone.conf.bat", change the line set "JAVA_OPTS=%JAVA_OPTS% -Djboss.server.default.config=standalone.xml" to be set "JAVA_OPTS=%JAVA_OPTS% -Djboss.server.default.config=standalone-full-ha.xml", then start JBoss from file standalone.bat

That's all for basic web service on JBoss 7.1, you can access your web service using the URL : http://localhost:8080/helloWS?WSDL, where 8080 is your JBoss port

Add new comment

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
By submitting this form, you accept the Mollom privacy policy.