Creating an Application
Creating an Application
If the topic of authentication is new to you, refer to the section titled
. For an explanation of how basic authentication
works, see
For this tutorial, you will add the security elements to the JAX-WS service and client; build,
package, and deploy the service; and then build and run the client application.
This example service was developed by starting with an unsecured service, helloservice,
which can be found in the directory
tut-install/javaeetutorial5/examples/jaxws/helloservice and is discussed in
. You build on this simple
application by adding the necessary elements to secure the application using basic
authentication. The example client used in this application can be found at
tut-install/javaeetutorial5/examples/jaxws/simpleclient-basicauth, which only varies
from the original simpleclient application in that it uses the helloservice-basicauth
endpoint instead of the helloservice endpoint. The completed version of the secured service
can be found at tut-install/javaeetutorial5/examples/jaxws/helloservice-basicauth.
In general, the following steps are necessary to add basic authentication to a JAX-WS web
service. In the example application included with this tutorial, many of these steps have been
completed for you and are listed here simply to show what needs to be done should you wish to
create a similar application.
1. Create an application like the one in
. The example in this tutorial starts with that example and
demonstrates adding basic authentication of the client to this application. The completed
version of this application is located in the directories
tut-install/javaeetutorial5/examples/jaxws/helloservice-basicauth and
tut-install/javaeetutorial5/examples/jaxws/simpleclient-basicauth.
2. If the port value was set to a value other than the default (8080), follow the instructions in
to update the example files to reflect this change.
3. If you have not already done so, follow the steps in
for
information on setting up your system to run the example.
4. If you have not already done so, add a user to the file realm and specify user for the group
of this new user. Write down the user name and password so that you can use them for
testing this application in a later step. If you have not already completed this step, refer to the
section
for
instructions.
5. Modify the source code for the service, Hello.java, to specify which roles are authorized to
access the sayHello (String name) method. This step is discussed in
6. Add security elements that specify that basic authentication is to be performed to the
application deployment descriptor, web.xml. This step is discussed in
Examples: Securing Web Applications
The Java EE 5 Tutorial · September 2007
886
