Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

security implementation in web service application

 
ramesh kancherla
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
This is ramesh. In my project we are using Jboss application server and JAX-WS API.
I have to implement security authentication.

I have searched in google, but i got glashfish server related.

1) can i implement authentication security with independent of application server?

or

2) can any one please suggest how do i implement web service security (authentication & authorization) in jboss server


Thanks & Regards
Ramesh
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The standard for securing SOAP web services is called WS-Security, and is supported by all major SOAP stacks. It implements username/password authentication, amongst other features. Check the JBossWS documentation for how to use it.
 
ramesh kancherla
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hai..Thanks for the reply...
I am using JBOSS 4.2.3 App server...Which module is applicable for us...
1.JBossWS - Native
2.JBossWS - CXF
3.JBossWS - Metro

which is the best suitable for (jax-ws)webservice security.

Thanks & Regards
Ramesh
 
Naren Chivukula
Ranch Hand
Posts: 577
Java Notepad Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ramesh,
My personal choice would be Axis2 with Axis WS Security module Rampart as the jars could be self-contained in a web application or configurable at the server level.
 
ramesh kancherla
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Naren thanks for your reply......

In my project we have developed webservice using JAX-WS.We are not using Axis2

Here my task is i have to implement security for that web service.

can you please give me suggestion how can I implement ws-security for JAX-WS

Thanks & Regards
Ramesh

 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As I said, the JBossWS documentation should be helpful getting you started. A quick search for "jbossws documentation" confirms that there's quite a bit available; http://community.jboss.org/wiki/JBossWS-WS-Securityoptions seems particularly relevant.
 
ramesh kancherla
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HI Ulf,

Thanks for your reply...

I have created jboss-wsse-server.xml & jboss-wsse-client.xml files . and i configured <jboss-ws-security>.
but it is not reflecting to my application.

can you please provide sample application


Thanks in advance.....


Regards
Ramesh
 
naveen gupta
Ranch Hand
Posts: 129
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ramesh, i am in the same boat as you are. If you have figured it out, can you tell the steps of which files you configured and what path you deployed

I will be only using client to invoke web services for which security is configure. what i need to do from client side i have to know


thanks
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic