Configuring Authorization

When authentication has been configured for a web service, authorization is used to limit access to the operations of a web service.[SAP1] 

...

       1.      Choose the Features tab in the Web Service Definition. Choose Authorization and Select Feature.

       2.      Open the ejb-jar.xml descriptor. Choose the Assembly tab and add security roles.

       3.      Choose the Enterprise Beans tab, the entry seurity-role-ref, and add the security role references.

       4.      Map the security roles to users. (see: Mapping Users and Groups)

 

If you have not selected the option No password change required when you created a user in the Visual Administrator, you cannot directly call up your servlet because you will first have to change the password.

You should first visit the homepage of the Web service and test the methods. This will be the first login for Clerk_1 and Clerk_2.