Security has 2 parts Authentication & Authorization. There are different ways of doing Authentication, but the most simple & secure way is to enable SSL for Axis servlet. For Authorization you can use Handlers. Handlers are like servlet filter. You can read the SOAP message before it is reached to ultimate endpoint and apply Authorization rules.
Joined: Oct 04, 2006
Thankyou Rajneesh and Ashkrit for your useful information regarding security with Axis.
For Authentication - enabling SSL for Axis servlet For Authorization - To use Handlers.
Since I am new to Axis I wish to know what would be the differnce between these two.
For Authorization do we need to use the classes from the below package
Could you please explain me little more.
With Regards, Amutha
Joined: Oct 05, 2006
You can get some sample implementation from samples/handler folder of axis 1.4 installation. Yopu will get fair idea about that .