This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I have a web service running in Standard Edition 1.6 on a server. There isn`t a full app server nor is it required except for exposing some functionality.
I decided to use the built in web service container in 1.6 and this is running quite flawlessly. The problem is security, i`m not even sure how to implement it nor if it is possible in 1.6.
Any ideas or someone who has done this before? I need some kind of auth based roles or user/pass access?
Now there is one real problem with all of the above - all the security measures are HTTP based. Web service security measures are supposed to be XML and SOAP based. The JAX-WS RI doesn't support WS-Security out of the box and needs at least the XWSS, possibly even the WSIT extension which I doubt will work on the Lightweight HttpServer - you'll probably have to go with a container like Tomcat or better.
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
subject: Java Standard Edition & Web service security