Search...
FAQs Subscribe
Pie
FAQs
Recent topics Flagged topics Hot topics Best topics
Search...
Search within Web Services Search Coderanch
Advance search Google search
Register / Login
advertise on coderanch thread boost book review grid polymorphism granny
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
thread boost book review grid advertise on coderanch meaningless drivel building better world book
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Limiting Access based on Requesting Application

 
Frank Beck
Greenhorn
Posts: 4
posted 21 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Hopefully, this is the right forum and there is no thread on this already (I did a search).
We have developed simple "services" using servlets that query databases based on supplied parameters and return relevant data in XML format. The servlets run under WAS on a Solaris box. The clients of the services will be web application (mostly ASP and CF on NT boxes). We have taken the simply approach of locking down access to some of the services by the requesting IP address, but we want the ability to lock down access by the requesting application. That is there may be multiple web applications on a given server, but we want to limit access to a given service by the requesting application. Anyone have the answer or any ideas? Thanks!
 
Kyle Brown
author
Posts: 3892
5
posted 21 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Sure, it should be easy. Just use the WAS security to lock the application down to specific user id's. Then set up the WAS security domain to use HTTP basic-auth; If you communicate via HTTP you just need to make sure you set the basic-auth headers on the client side, which is usually not hard (both the Apache SOAP client and the MS client allow this, and it's not hard when doing direct HTTP Request programming either -- check google...)
Kyle

Kyle Brown, Author of Persistence in the Enterprise and Enterprise Java Programming with IBM Websphere, 2nd Edition
See my homepage at http://www.kyle-brown.com/ for other WebSphere information.

 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
reply
    Bookmark Topic Watch Topic
  • New Topic
Boost this thread!
Similar Threads
More...