Win a copy of 97 Things Every Java Programmer Should Know this week in the Java in General forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • salvin francis
  • fred rosenberger

Authentification

 
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How does a client know which authenticate mechanism a web service has? E.g. Basic or Client-Certificate. This information is not included in a wsdl-file.
 
Sheriff
Posts: 5782
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
WS security really builds on top of existing specifications. There is transport level security( such as SSL ), payload security (such as XML encryption and digital signatures), and security features provided by the platform it self. It is not uncommon to find all of these being used in combination rather than exclusively, to secure a WS.

In the J2EE/Webservices world, since WS endpoint is exposed as a JAX-RPC Servlet or a SLSB, some of the aunthentication mechanisms already provided by the J2EE platform can be extended and applied for WS authentication. A Servlet based end point an use the same methods/procedures as any normal servlet ie., configuring the Web.xml to use appropriate authentication methods. A SLSB end point can use Principal and UserRole to investigate propagated credentials.

HTH
[ April 19, 2005: Message edited by: Ajith Kallambella ]
 
Are you here to take over the surface world? Because this tiny ad will stop you!
Devious Experiments for a Truly Passive Greenhouse!
https://www.kickstarter.com/projects/paulwheaton/greenhouse-1
    Bookmark Topic Watch Topic
  • New Topic