This week's book giveaway is in the OCMJEA forum.
We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line!
See this thread for details.
The moose likes Web Services and the fly likes Combining JAAS and SOAP in a log on system Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCM Java EE 6 Enterprise Architect Exam Guide this week in the OCMJEA forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Combining JAAS and SOAP in a log on system" Watch "Combining JAAS and SOAP in a log on system" New topic
Author

Combining JAAS and SOAP in a log on system

Iain Emsley
Ranch Hand

Joined: Oct 11, 2007
Posts: 60
I've found myself stuck in a horrible mire with trying to set up a Web Service.

I've been asked to implement a Java calendaring system onto website which is largely backended in Perl. The easiest way into getting the passwords is also via Perl. I have set up a SOAP server which is passing across the username and password and Java client which receives it. I've been experimenting with JAAS which would appear to be the most flexible way of getting the desired result, i.e. our users can seemlessly move across the services on the site (effectively cookie controlled single sign on).

I've placed the client code inside of the WebCallbackHandler (though I perhaps ought to split it out and refer to it) but is there a better way of achieving what I want?

Have I gone hopelessly wrong in my quest to log our users on? I'd be grateful for some pointers as to how to get the best result for my users.

Thanks.
Peer Reynders
Bartender

Joined: Aug 19, 2005
Posts: 2922
    
    5
I'm not quite sure what kind of authentication/authorization/security scheme you are trying to implement - however WS-Security was designed for SOAP (implemented by Rampart for Axis2). See Web Services Authentication with Axis 2.
Iain Emsley
Ranch Hand

Joined: Oct 11, 2007
Posts: 60
I'm trying to extend our single sign on system across to Java but for reasons I haven't yet worked out, we cannot parse the cookie data via Java but need Perl to do it (which it already does for the rest of the site). Hence the need to speak to the SOAP server. What I want to do is to use the servlet/JSP to get the password so that JAAS or JDBC can get the data for authentication, hence why I'm trying to get it to activate our built client.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Combining JAAS and SOAP in a log on system