| Author |
Questions about Role authentication
|
Nicholas Cheung
Ranch Hand
Joined: Nov 07, 2003
Posts: 4982
|
|
I would like to ask, if I have a web service which provides, say, 10 methods. 1 method can be called by any person, while the rest can only be called by *manager* role.
Thus, which type of endpoint should I use?
EJB, Servlets, or both?
Thanks.
Nick
|
SCJP 1.2, OCP 9i DBA, SCWCD 1.3, SCJP 1.4 (SAI), SCJD 1.4, SCWCD 1.4 (Beta), ICED (IBM 287, IBM 484, IBM 486), SCMAD 1.0 (Beta), SCBCD 1.3, ICSD (IBM 288), ICDBA (IBM 700, IBM 701), SCDJWS, ICSD (IBM 348), OCP 10g DBA (Beta), SCJP 5.0 (Beta), SCJA 1.0 (Beta), MCP(70-270), SCBCD 5.0 (Beta), SCJP 6.0, SCEA for JEE5 (in progress)
|
 |
Valentin Crettaz
Gold Digger
Sheriff
Joined: Aug 26, 2001
Posts: 7610
|
|
|
There are some ideas/solutions about this issue exposed on BEA's eDocs website. Moreover, [url=http://java.sun.com/blueprints/guidelines/designing_webservices/security.pdf]chapter 7 of the "Designing Web Services with the J2EE(TM) 1.4 Platform" guidelines provides some insights on endpoint security. Is this enough to get you started?
|
SCJP 5, SCJD, SCBCD, SCWCD, SCDJWS, IBM XML
[Blog] [Blogroll] [My Reviews] My Linked In
|
|
Nicholas Cheung
Ranch Hand
Joined: Nov 07, 2003
Posts: 4982
|
|
Thanks. I will take a look on it. 
Nick
|
|
 |
|
|
subject: Questions about Role authentication
|
|
|
0
