aspose file tools*
The moose likes Security and the fly likes Java client accessing .net WS Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Java client accessing .net WS" Watch "Java client accessing .net WS" New topic
Author

Java client accessing .net WS

Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8919

Hi all,

We have a .NET web services application which is using windows authentication. If the client is C# I am able to pass the current users credentials and the Web Services gets invoked. If it is a java client I am not sure how to pass the current users credentials.

Thanks
Pradip


Groovy
Ramesh Nagappan
Author
Ranch Hand

Joined: May 06, 2003
Posts: 159
Pradip,

If it is a Java Client, make sure you Java client artifacts include a Java implementation of WS-Security. WS-Security allows to represent "username/password" tokens in SOAP messages.

For a quick hello world example, I would suggest you to read the Java Web Services Tutorial for JWSDP 1.5 (Posted in java.sun.com). If you want to try out a Pattern check Chapter 11 (Web Services Security Patterns) and Chapter 7 (WS Security standards) both chapters discusses on how to implement Message-level security (including code examples) and strategies.

/Ramesh


Ramesh Nagappan CISSP<br />Co-Author of "Core Security Patterns"<br />nramesh@post.harvard.edu<br /><a href="http://www.coresecuritypatterns.com" target="_blank" rel="nofollow">www.coresecuritypatterns.com</a>
Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8919

WS-Security allows to represent "username/password" tokens in SOAP messages.

I am asuming that username/password will be passed in encrypted format.Is that right?
Ramesh Nagappan
Author
Ranch Hand

Joined: May 06, 2003
Posts: 159
Originally posted by Pradip Bhat:

I am asuming that username/password will be passed in encrypted format.Is that right?



Ofcourse, you would choose to use XML encryption and XML Digital Sign for ensuring it integrity.

/R
Jim Hare
Greenhorn

Joined: Feb 07, 2006
Posts: 2
Perhaps I'm wrong, but I'm not sure this answers the question per se. I'm hitting against the same problem. I want to allow a Java client to access a .NET web service using Integrated Authentication. As far as I know, WS-Security does not address this. WS-Security Username tokens are:

a) passed plain text and non-encrypted by default
b) require the web service to implement WS-Security spec

So, IF you re-write the web service to not use integrated authentication and instead accept annonymous or basic authentication and then implement the WS-Security spec, I could see that as working, BUT that's not using Windows Integrated Authorization.

Anyway, that's my question: How can a Java client access a web service that uses Windows Integrated Authentication (not basic, not WS-Security) if re-writing the web service is not an option.

If I'm wrong about any assumptions, I appologize in advance, I'm just going based on my understandings of these technologies.
Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8919

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsvcinter/html/javanetmscom.asp
Jim Hare
Greenhorn

Joined: Feb 07, 2006
Posts: 2
I looked over that link, and it appears to just be yet another WS-Security example, which is NOT Windows Integrated Authentication, that is the question. How does one pass credentials that will work with Windows Integrated Authentication, NOT WSE.
Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8919

Originally posted by Jim Hare:
I looked over that link, and it appears to just be yet another WS-Security example, which is NOT Windows Integrated Authentication, that is the question. How does one pass credentials that will work with Windows Integrated Authentication, NOT WSE.


Yeah you are right. I am facing the same problem. I dont think it is possible to pass the credetials from the java client. We had to set the security level to anonymous to get things working.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Java client accessing .net WS