This week's book giveaway is in the OO, Patterns, UML and Refactoring forum.
We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line!
See this thread for details.
The moose likes Web Services and the fly likes Using wsse, is there a dedicated tag for 'group' or 'role' ? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Web Services
Bookmark "Using wsse, is there a dedicated tag for Watch "Using wsse, is there a dedicated tag for New topic
Author

Using wsse, is there a dedicated tag for 'group' or 'role' ?

Sol Mayer-Orn
Ranch Hand

Joined: Nov 13, 2002
Posts: 311
Hi,

I'm new to the subject WebServices security.
Various tutorials mention that a SOAP message can carry username/password, using the tags < wsse:Username > , < wsse assword >.

I was wondering if the standard would allow me to send a group (or role), *instead* of username/password ?
I am going through an SSO system, so I don't need the password anymore (my systems trust each other). But I would like to send the user role, something like:

// dummy tag!
< wsse:role > admin ...

Thanks
Ulf Dittmer
Rancher

Joined: Mar 22, 2005
Posts: 42958
    
  73
WS-Security deals with authentication, which involves usernames and passwords, but not authorization, where roles would come into play.

But in any case the client does not get to say which roles it would like to be in; that's for the user database (or realm or directory or whatever you have) to decide on the backend.
 
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
 
subject: Using wsse, is there a dedicated tag for 'group' or 'role' ?
 
It's not a secret anymore!