| Author |
Java client accessing .net WS
|
Pradeep bhatt
Ranch Hand
Joined: Feb 27, 2002
Posts: 8876
|
|
Hi all,
We have a .NET web services application which is using windows authentication. If the client is C# I am able to pass the current users credentials and the Web Services gets invoked. If it is a java client I am not sure how to pass the current users credentials.
Thanks
Pradip 
|
Groovy
|
 |
Ramesh Nagappan
Author
Ranch Hand
Joined: May 06, 2003
Posts: 159
|
|
Pradip,
If it is a Java Client, make sure you Java client artifacts include a Java implementation of WS-Security. WS-Security allows to represent "username/password" tokens in SOAP messages.
For a quick hello world example, I would suggest you to read the Java Web Services Tutorial for JWSDP 1.5 (Posted in java.sun.com). If you want to try out a Pattern check Chapter 11 (Web Services Security Patterns) and Chapter 7 (WS Security standards) both chapters discusses on how to implement Message-level security (including code examples) and strategies.
/Ramesh
|
Ramesh Nagappan CISSP<br />Co-Author of "Core Security Patterns"<br />nramesh@post.harvard.edu<br /><a href="http://www.coresecuritypatterns.com" target="_blank" rel="nofollow">www.coresecuritypatterns.com</a>
|
|
Pradeep bhatt
Ranch Hand
Joined: Feb 27, 2002
Posts: 8876
|
|
WS-Security allows to represent "username/password" tokens in SOAP messages.
I am asuming that username/password will be passed in encrypted format.Is that right?
|
|
Ramesh Nagappan
Author
Ranch Hand
Joined: May 06, 2003
Posts: 159
|
|
Originally posted by Pradip Bhat:
I am asuming that username/password will be passed in encrypted format.Is that right?
Ofcourse, you would choose to use XML encryption and XML Digital Sign for ensuring it integrity.
/R
|
|
Jim Hare
Greenhorn
Joined: Feb 07, 2006
Posts: 2
|
|
Perhaps I'm wrong, but I'm not sure this answers the question per se. I'm hitting against the same problem. I want to allow a Java client to access a .NET web service using Integrated Authentication. As far as I know, WS-Security does not address this. WS-Security Username tokens are:
a) passed plain text and non-encrypted by default
b) require the web service to implement WS-Security spec
So, IF you re-write the web service to not use integrated authentication and instead accept annonymous or basic authentication and then implement the WS-Security spec, I could see that as working, BUT that's not using Windows Integrated Authorization.
Anyway, that's my question: How can a Java client access a web service that uses Windows Integrated Authentication (not basic, not WS-Security) if re-writing the web service is not an option.
If I'm wrong about any assumptions, I appologize in advance, I'm just going based on my understandings of these technologies.
|
|
Pradeep bhatt
Ranch Hand
Joined: Feb 27, 2002
Posts: 8876
|
|
|
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsvcinter/html/javanetmscom.asp
|
|
Jim Hare
Greenhorn
Joined: Feb 07, 2006
Posts: 2
|
|
|
I looked over that link, and it appears to just be yet another WS-Security example, which is NOT Windows Integrated Authentication, that is the question. How does one pass credentials that will work with Windows Integrated Authentication, NOT WSE.
|
|
Pradeep bhatt
Ranch Hand
Joined: Feb 27, 2002
Posts: 8876
|
|
Originally posted by Jim Hare:
I looked over that link, and it appears to just be yet another WS-Security example, which is NOT Windows Integrated Authentication, that is the question. How does one pass credentials that will work with Windows Integrated Authentication, NOT WSE.
Yeah you are right. I am facing the same problem. I dont think it is possible to pass the credetials from the java client.  We had to set the security level to anonymous to get things working. 
|
|
 |
|
|
subject: Java client accessing .net WS
|
|
|
0
