VeriCheck.jws Sample

The VeriCheck web service demonstrates the declarative and the programmatic security models supported by WebLogic Workshop.

Concepts Demonstrated by this Sample

Location of Sample Files

This sample is located in the security/async folder of the samples WebLogic Workshop project. In the file system the location is:

BEA_HOME\weblogic700\samples\workshop\applications\samples\security\async\VeriCheck.jws

How to Run the Sample

To configure WebLogic Server security for this web service:

  1. Start WebLogic Server in the appropriate domain.

    • On Microsoft Windows systems, from the Start menu navigate to:

    BEA WebLogic Platform 7.0->WebLogic Workshop->WebLogic Workshop Examples->Start Examples Server.

    • On Linux or Solaris systems, run:

    BEA_HOME/weblogic700/samples/workshop/startWebLogic.sh

  1. Open a web browser and visit the WebLogic Server Administration console page:
    http://localhost:7001/console

    When prompted for a username and password, enter:

  1. Navigate to Compatibility Security/Users.

  2. Under Create a New User enter:

  1. Under Create a New User enter:

  1. Under Create a New User enter:

  1. Navigate to Compatibility Security/Groups. Click Create a New Group...

  2. On the Group tab enter:

  1. Navigate to Compatibility Security/Groups. Click Create a New Group...

  2. On the Group tab enter:

  1. Close the web browser that displays the WebLogic Server Administrative console.

To run this web service:

  1. Launch the service by entering https://localhost:7002/samples/security/async/VeriCheck.jws?.EXPLORE=.TEST in the address bar of a web browser. If WebLogic Server is running in the samples domain on your machine, you may click here to run the sample.

  2. When prompted to accept the digital certificate, click Yes.

  3. When prompted for network authentication information, enter:

  1. Navigate to the Test Form tab of Test View, if necessary.

  2. Enter values for checkingAccountID and amount in the checkForSufficientBalance method. The checkingAccountID parameter can be any string value, the checkForSufficientBalance parameter must be an integer value. Invoke the method by clicking the button labeled checkForSufficientBalance.

  3. You will be prompted again to accept the digital certificate. Click Yes.

  4. You will be prompted again for network authentication information. Enter:

(The reason you are prompted again for authentication information is because Test View makes two different calls to the restricted URL space of the VeriCheck web service: once when you open the Test View and again when you invoke the method checkForSufficientBalance.)

The VeriCheck web service sends the checking account and amount parameters to the Bank web service. The Bank web service checks to see if the checking account has sufficient funds to cover the amount specified. Once the Bank web service has completed its task, it calls back the VeriCheck web service informing VeriCheck whether the account has sufficient funds. The VeriCheck web service then calls back the original client informing the client whether the account has sufficient funds.

Both the VeriCheck and Bank web services require basic authentication. When the VeriCheck service invokes the Bank service's doesAccountHaveSufficientBalance method, it sends authentication information via the method calls setUsername() and setPassword().

Similarly, when the Bank calls back the VeriCheck service, it sends authentication information via the method calls setCallbackUsername() and setCallbackPassword().

  1. Click Refresh, until the Message Log displays the callback callback.onCheckDone.

  2. Select log entries in the Message Log to see the message traffic involved in each interaction.

Related Topics

HelloWorldSecureClient.jws Sample

Overview: Security