The WSIT Tutorial

Configuring Validators

A validator is an optional set of classes used to check the validity of a token, a certificate, a timestamp, or a username and password.

Applications that run under a GlassFish 9.1 container do not need to configure Callback Handlers and Validators when using the IDE with WSIT enabled, because the container handles the callbacks and validation. You only need to make sure that the certificates are available at the locations that GlassFish requires, create authorized users using the Admin Console (described in Adding Users to GlassFish), or both.

Validators are always optional because the runtime provides defaults, regardless of the container and regardless of whether the application is a JSR-109 or a non-JSR-109 deployment. For non-JSR-109 deployments, you only need to specify a validator when you want to override the default validators. For JSR-109 deployments, there is no point in specifying an overriding validator, because GlassFish overrides it back to the defaults. For this reason, the Validators button is not available when the selected web service is a JSR-109-compliant application.

To Set Validator Configuration Options

To set the validator configuration options for a non-JSR-109-compliant application (such as a J2SE client), perform the following steps.

  1. Right-click the web service and select Edit Web Service Attributes.

    The Web Service Attributes editor is displayed.

  2. Enable Secure Service.

  3. Click the Validator button.

  4. On the Validator Configuration page, specify the following options, when necessary:

    • Username Validator: Specifies the validator class to be used to validate username and password on the server side. This option is only used by a web service.


      Note –

      When using the default Username Validator, make sure that the username and password of the client are registered with GlassFish (using the Admin Console, described in Adding Users to GlassFish) if using GlassFish, or are included in the tomcat-users.xml file if using Tomcat.


    • Timestamp Validator: Specifies the validator class to be used to check the token timestamp to determine whether the token has expired or is still valid.

    • Certificate Validator: Specifies the validator class to be used to validate the certificate supplied by the client or the web service.

    • SAML Validator: Specifies the validator class to be used to validate the SAML token supplied by the client or the web service.

  5. Click OK to close the dialog.
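
The following is an added example, not code from the tutorial or from WSIT, of a class that could be named in the Username Validator field for a non-JSR-109 service. It implements the XWSS `PasswordValidationCallback.PasswordValidator` interface, rejects request types it does not handle, and compares PBKDF2-derived keys in constant time. The class name, the sample account, and the iteration count are assumptions, and the WSIT/XWSS runtime classes are assumed to be on the classpath.

```java
import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Hypothetical class name; added example, not WSIT's own code.
public class SampleUsernameValidator
        implements PasswordValidationCallback.PasswordValidator {
    private static final int ITERATIONS = 210_000, KEY_BITS = 256;
    // username -> { salt, PBKDF2-derived key }
    private static final Map<String, byte[][]> USERS = new ConcurrentHashMap<>();

    static {
        // Constructed sample account; a real service loads records from its user store.
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        USERS.put("sample-user",
                new byte[][] { salt, derive("sample-password".toCharArray(), salt) });
    }

    private static byte[] derive(char[] password, byte[] salt) {
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS))
                    .getEncoded();
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException(e);
        }
    }

    @Override
    public boolean validate(PasswordValidationCallback.Request request)
            throws PasswordValidationCallback.PasswordValidationException {
        // Fail closed on request types not handled here (for example digest passwords).
        if (!(request instanceof PasswordValidationCallback.PlainTextPasswordRequest)) return false;
        PasswordValidationCallback.PlainTextPasswordRequest plain =
                (PasswordValidationCallback.PlainTextPasswordRequest) request;
        String user = plain.getUsername(), password = plain.getPassword();
        if (user == null || password == null || password.isEmpty()) return false;
        byte[][] record = USERS.get(user);
        // Derive for unknown users too, so timing does not reveal which names exist.
        byte[] actual = derive(password.toCharArray(), record != null ? record[0] : new byte[16]);
        return record != null && MessageDigest.isEqual(record[1], actual);
    }
}
```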