• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

SOAP Security

 
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Not sure if this is the right forum, but since the security experts are here and the question relates to security and the JAXM package...
How does one go about securing a web service call using a JavaTM API for XML Messaging (JAXM) client and a non-Java web service server (.NET)? There is nothing formalized in the SOAP 1.1 spec as they state

Not described in this document are methods for integrity and privacy protection. Such issues will be addressed more fully in a future version(s) of this document.


What I am trying to do is to have a .NET web service on on server consumed by a Java client on a client. I can make that work using GLUE from http://www.themindelectric.com in very little code, but there is no security capability for the call. I'm interested in using the JAXM pacakge but can not find anything in that API remotely related to security principles, etc. Is my only choice SOAP over HTTPS and connection level security (roll my own authentication?)
Can the book authors comments on security and web services in this example (or any example, actually )
Thanks,
Paul
 
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You're prolly going to take a hit for not having your UserName in the right format. Has to be pretty like mine.
------------------
 
jenkinstechnology llc
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
yeah, i figured that, but didn't want to re-register and have two names on the forum. i'll try to change my username without re-registering, but it is my company name, so i don't see what's wrong with it, but admins are a strange lot, so i'm sure i'm violating something
paul
 
Ranch Hand
Posts: 165
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Please see the Apache SOAP 2.2 Documentation - User's Guide: http://xml.apache.org/soap/docs/guide/index.html
on the subject of "Writing Provider". This documentation
describes what is a provider.
You can write a provider that intercepts a SOAP request and
performs things like authentication/authorization before
the the webservice method is called.
 
Rancher
Posts: 1449
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
"jenkinstechnology",
Please read the JavaRanch naming policy and re-register.
Thanks,
John
 
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
ok, changed my name, not sure if I will get credit for the post, but at least I'm 'legal'
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic