1. Write a JWS that uses the RolesAllowed and SecurityRole annotation
package examples.webservices.security_jws; import weblogic.jws.WLHttpTransport; import weblogic.jws.Policies; import weblogic.jws.Policy; import javax.jws.WebService; import javax.jws.WebMethod; import javax.jws.soap.SOAPBinding; import weblogic.jws.security.RolesAllowed; import weblogic.jws.security.SecurityRole; @WebService(name="SecureHelloWorldPortType", serviceName="SecureHelloWorldService", targetNamespace="http://www.bea.com") @SOAPBinding(style=SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL, parameterStyle=SOAPBinding.ParameterStyle.WRAPPED) @WLHttpTransport(contextPath="SecureHelloWorldService", serviceUri="SecureHelloWorldService", portName="SecureHelloWorldServicePort") @RolesAllowed ( { @SecurityRole (role="testrole") } ) public class SecureHelloWorldImpl { @WebMethod() public String sayHello(String s) { return "Hello " + s; } }
2) While deploying the EAR select custom roles
3)
Go to myrealm> Realm Roles > Global Roles > Edit Globl Roles and create a new role
testrole and add an existing user to the role
4) You can invoke the Webservice from SOAP UI by providing the username & password in the request properties.