Register / Login
Win a copy of
Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA)
this week in the
Web Service Access
Nuno Miguel Santos
posted 4 years ago
I've built an application that interacts with a web service, which in turns contacts a CMS Platform that is integrated with an AD server.
In turn, the web service uses the CMS api to upload/download files and various functionalities.
That's where I want to make sure only the right users (the one that are stored in the AD) use the web service.
If I fetch both the windows user with his domain in my code, and then send it to the web service, will that be enough?
for example: mydomain\nuno
I can't rely on certificates to identify the person because if the application will reside on hundreds of computers, hundreds of certificates would have to be created.
Spring Web services
Select a certificate from a keystore for client authentication
Convert Object to Certificate
Integrate Single-Sign On on Java