Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Web Services and the fly likes web services / logonhanlder service Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "web services / logonhanlder service" Watch "web services / logonhanlder service" New topic
Author

web services / logonhanlder service

dale con
Ranch Hand

Joined: Apr 15, 2005
Posts: 93
Hi all,

I'm writing some web services. The first web service is a logonhandler service. Where credentials are passed through and if the user is valid, generates a token. The token stored in a db. Then once the user is validated they have permission to use other web services.

My question, has anyone done something simliar to what I am trying to achieve? What is the best approach to take?

What I don't want is for a user to keep loging on, as this will be a pain in the backside. So what i'm thinking is generating a token, with a timestamp and keep checking the timestamp.

If the user hasn't done anything for say 30 mins, log them out.

What is the best way to check the timestamp for activity?

Sorry for all the naive questions, as you can probably tell i'm new to web services, and the information we hold is confidential, so the login service has to be secure

I hope someone can help

thanks

gill


Neel Chow
Ranch Hand

Joined: Jan 10, 2005
Posts: 55
Well.I am trying to do something similar to this. I posted it but so ar no reply.
I am trying to generate a SOAP message in java which has a header with WSSE information (Username, password) for the authentication.
Do you have any clue about this??
dale con
Ranch Hand

Joined: Apr 15, 2005
Posts: 93
Have a look at the eBay SDK Java guide - you'll have to register, if you haven't already done so - it's free

eBay are doing what I want to achieve, their document is from a high level but is quite useful

If you get any further, let me know
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: web services / logonhanlder service
 
Similar Threads
web service newbie
Axis + WSS4J, one time authentication?
doubt in web service composition
Login/https over spring - REST ?
web service tokens