Not sure if this is the right forum, but since the security experts are here and the question relates to security and the JAXM package...
How does one go about securing a web service call using a JavaTM API for XML Messaging (JAXM) client and a non-Java web service server (.NET)? There is nothing formalized in the
SOAP 1.1 spec as they state
Not described in this document are methods for integrity and privacy protection. Such issues will be addressed more fully in a future version(s) of this document.
What I am trying to do is to have a .NET web service on on server consumed by a
Java client on a client. I can make that work using GLUE from
http://www.themindelectric.com in very little code, but there is no security capability for the call. I'm interested in using the JAXM pacakge but can not find anything in that API remotely related to security principles, etc. Is my only choice SOAP over HTTPS and connection level security (roll my own authentication?)
Can the book authors comments on security and web services in this example (or any example, actually
)
Thanks,
Paul