Implementing Security in web services developed using JAX WS approach

Hi ,

Our Organization has developed a Web service using JAX WS approach exposing EJB as EndPoint .This wsdl file URL is only used by third party companies that register with us (Means i want to say that this wsdl url is not world wide accessable).

Now we need to implement security for this service , please tell me what is the appropiate for doing so ??

Thank you in advnace .
Waiting for your valuable suggestions .
Please help .

Hi ,

I assume that Message Level Security suits me for this purpose .

Please share as how can i implement this security inside my EndPoint ??

Thank you .

That's what WS-Security is for. Every decent SOAP stack supports is these days; check the documentation of whichever server you're using for the details.

Hi Ulf Dittmer ,

I am planning to configure some SSL certificates into my Weblogic Applicatin server .

Will this be sufficient??

Thank you .

That depends on what you're trying to guard against. For starters, it would be transport-level security, not message-level.

Hello ulf ,
I have gone through SSL tutorials , My company is not providing any online business or not accepting any credit cards , so i think SSL does not suit my requirement .
So please tell me what is the approach i need to use to implement security for my Webservices

That's what WS-Security is for. Every decent SOAP stack supports is these days; check the documentation of whichever server you're using for the details.

so please can you guide me as how to implement this

Please help