• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

JaxWsPortProxyFactoryBean HttpInvokerServiceExporter security enabled

 
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi everyone. In test environment we have a websphere application server with security enabled. On our web application we have some services: spring http services and jax-ws services. Another web application that is installed on the same application server of the first application, uses both kind of services, but while authentication is necessary only for jax-ws services (ws-security) for http services is not. Can you tell me why?

this is a http service:



and the following is the jax-ws:


Bye
 
Bartender
Posts: 1682
7
Android Mac OS X IntelliJ IDE Spring Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Is your question how to secure it or why it does not work the same as JaxWs?
 
gianluca gian
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
excuse me, I'm a little confused about the difference between http spring service and jax-ws service. I think I need to read more. As I said in test environment we had jax-ws services with authentication, so at the moment we removed the basic authentication configured on the web.xml and then authentication were not required anymore. But I'm curious about how to enable security on spring http service. Thanks
 
Bill Gorder
Bartender
Posts: 1682
7
Android Mac OS X IntelliJ IDE Spring Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The type of security you mentioned is container level security. There are varying degrees of this offered by different vendors. You also add additional security like that offered by Spring Security. This would be used to secure something like your remoting endpoint. I did find an example demonstrating one way this could be done.

http://kalali.me/using-spring-security-to-enforce-authentication-and-authorization-on-spring-remoting-services-invoked-from-a-java-se-client/

Have a look at the Spring Security project for a more extensive list of all the things it has to offer.

http://www.springsource.org/spring-security
 
gianluca gian
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
thanks a lot. Bye
 
No matter how many women are assigned to the project, a pregnancy takes nine months. Much longer than this tiny ad:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic