Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Web Service Security

 
UdayaKumar Velayudam
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

I have been trying the implement security for my web service and started studying some URL about securing web service. Based on my study, I found that there are 2 levels of security: Transport level and Message level. Transport level is to make the HTTP protocol to HTTPS and Message level is to implement Username & password for each web service request. I googled enough to get an example to understand how to implement it for my application, however, I found is different for each framework like CXF, AXIS,etc and its confusing. Can someone please guide me how to implement the security for web services?

Thanks!
 
Tim Moores
Bartender
Posts: 2895
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
WS-Security (which describes encryption, signing and authentication) is a standard that works the same for SOAP generated by all SOAP stacks. What is different is how it is configured; the documentation of whichever stack you're using should talk about that.
 
UdayaKumar Velayudam
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Tim,

Thank you very much for your response.! I'm new to this area. Can you suggest me how to implement HTTP basic message level authentication for CXF framework?
 
Tim Moores
Bartender
Posts: 2895
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've never used CXF, sorry. web service security +cxf seems a good start.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic