Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

[Messaging Handlers and Chaining] Leonard & Sam  RSS feed

 
Dinesh Sundrani
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Leonard,Sam,

Suppose, I have a portfolio database and have written a RESTFul wrapper Web Service to expose the data using the GET web method URL. Now I want to make sure that the client is authenticated and authorized as per the security relams and organizations' security business rules to view the data (data being precious and being the intellectual property of an organization). Is there a way where we could sniff in few message handlers before the GET call to the actual respouce, that does the authentication (handler1) followed sequentially by authorization (handler2) and diligently forwarding the request to the resource or to the error.jsp page.

I know SOAP Based service does that pretty well? what's the say on the RESTFul Services?

*********************
Regards,
Dinesh Sundrani
---------------
SCJP 1.5 [86%]
SCWCD [95%]
SCDJWS [98%]
*********************
 
Sam Ruby
author
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In HTTP, authentication is done via headers too, the key difference being that these headers are outside of the document itself.

If you are using servlets, the best place to start is by looking up the word "Realm" in how you configure your service (conf/server.xml) in your product's documentation.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!