Topic
  • 1 reply
  • Latest Post - ‏2012-02-17T17:16:02Z by SystemAdmin
SystemAdmin
SystemAdmin
1009 Posts

Pinned topic JAX-WS service provider with WS-Security Configuration Question

‏2012-02-07T21:11:37Z |
Hello all,

I have been trying to create a basic secure JAX-WS based web service, and I believe I've followed the correct steps to secure the service. I really just need UNT (user name token) support, not necessarily any message encryption using keysets or anything fancy at this point.

I have my policy set and binding copied from the standard WebSphere entries, and the service provider has those attached. Global security is enabled, and I've tested the basic HTTP authentication, and that part works fine. This is on a WebSphere App Server v 7.0.0.19.

I keep receiving the following message/exception when I try to invoke my service through soapUI:

CWWSS6521E: The Login failed because of an exception: javax.security.auth.login.LoginException: Login Failure: all modules ignored ocurred while running action: com.ibm.ws.wssecurity.handler.WSSecurityConsumerHandler$1@3b663b66

I've searched for 2 days now, and I can't find anything that really helps me solve this. I'm sure it's something fairly simple. Does anyone know what I might be missing in my configuration?

Any help or suggestions are greatly appreciated.

Regards,
Tony
Updated on 2012-02-17T17:16:02Z at 2012-02-17T17:16:02Z by SystemAdmin
  • SystemAdmin
    SystemAdmin
    1009 Posts

    Re: JAX-WS service provider with WS-Security Configuration Question

    ‏2012-02-17T17:16:02Z  
    I believe I found the solution to this problem. The issue is within the binding configuration.

    Within the binding location: General provider policy set bindings -> MyBinding -> WS-Security -> Authentication and protection -> con_unametoken, the JAAS login dropdown needs to be set to wss.consume.unt.

    In my configuration, that value was incorrectly set to wsssecurity.UsermameToken.

    Hopefully this helps someone else in the future.

    Regards,
    Tony