Web Service Authentication

Ephraim Paka

Ranch Hand

Posts: 37

posted 10 years ago

Hello All,

How do we implement a security for web services? Since service components are either loosley coupled or have no client session tracking
like web based clients. What happens once a client is authorized and either
tries to invoke a service method or looses connection and reconnects?

Thanks

Ulf Dittmer

Rancher

Posts: 42972

posted 10 years ago

Since WS are generally stateless, you'd need to send the authentication details with every call. But since that's usually being done by a handler that's independent from the actual WS invocation code, it wouldn't complicate the client code.

Ephraim Paka

Ranch Hand

Posts: 37

posted 10 years ago

Thanks Ulf

susha bhogs

Greenhorn

Posts: 6

posted 10 years ago

Following is a nice presentation from BEA WBELOGIC -

https://www120.livemeeting.com/cc/bea/viewFormatWMMticketID=z8mxkpjs497cp70m

Ulf Dittmer

Rancher

Posts: 42972

posted 10 years ago

Originally posted by susha bhogs:
Following is a nice presentation from BEA WBELOGIC -

https://www120.livemeeting.com/cc/bea/viewFormatWMMticketID=z8mxkpjs497cp70m

... which seems to be protected.

Consider Paul's rocket mass heater.

Web Service Authentication

Similar Threads