Register / Login
Win a copy of
Functional Reactive Programming
this week in the
Web Service Access
Nuno Miguel Santos
posted 4 years ago
I've built an application that interacts with a web service, which in turns contacts a CMS Platform that is integrated with an AD server.
In turn, the web service uses the CMS api to upload/download files and various functionalities.
That's where I want to make sure only the right users (the one that are stored in the AD) use the web service.
If I fetch both the windows user with his domain in my code, and then send it to the web service, will that be enough?
for example: mydomain\nuno
I can't rely on certificates to identify the person because if the application will reside on hundreds of computers, hundreds of certificates would have to be created.
It is sorta covered in the
JavaRanch Style Guide
Spring Web services
Select a certificate from a keystore for client authentication
Convert Object to Certificate
Integrate Single-Sign On on Java