Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

SOAP Security  RSS feed

 
jenkinstechnology llc
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Not sure if this is the right forum, but since the security experts are here and the question relates to security and the JAXM package...
How does one go about securing a web service call using a JavaTM API for XML Messaging (JAXM) client and a non-Java web service server (.NET)? There is nothing formalized in the SOAP 1.1 spec as they state
Not described in this document are methods for integrity and privacy protection. Such issues will be addressed more fully in a future version(s) of this document.

What I am trying to do is to have a .NET web service on on server consumed by a Java client on a client. I can make that work using GLUE from http://www.themindelectric.com in very little code, but there is no security capability for the call. I'm interested in using the JAXM pacakge but can not find anything in that API remotely related to security principles, etc. Is my only choice SOAP over HTTPS and connection level security (roll my own authentication?)
Can the book authors comments on security and web services in this example (or any example, actually )
Thanks,
Paul
 
Jeff Binnig
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You're prolly going to take a hit for not having your UserName in the right format. Has to be pretty like mine.
------------------
 
jenkinstechnology llc
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yeah, i figured that, but didn't want to re-register and have two names on the forum. i'll try to change my username without re-registering, but it is my company name, so i don't see what's wrong with it, but admins are a strange lot, so i'm sure i'm violating something
paul
 
Matthew X. Brown
Ranch Hand
Posts: 165
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please see the Apache SOAP 2.2 Documentation - User's Guide: http://xml.apache.org/soap/docs/guide/index.html
on the subject of "Writing Provider". This documentation
describes what is a provider.
You can write a provider that intercepts a SOAP request and
performs things like authentication/authorization before
the the webservice method is called.
 
John Wetherbie
Rancher
Posts: 1449
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"jenkinstechnology",
Please read the JavaRanch naming policy and re-register.
Thanks,
John
 
Paul Jenkins
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
ok, changed my name, not sure if I will get credit for the post, but at least I'm 'legal'
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!