This week's giveaway is in the EJB and other Java EE Technologies forum. We're giving away four copies of EJB 3 in Action and have Debu Panda, Reza Rahman, Ryan Cuprak, and Michael Remijan on-line! See this thread for details.
We have few webservices and we are protecting it using basic authentication using LDAP. All LDAP settign has been done in websphere server using admin console.
When an invalid user tries to access this web service the websphere enabled authentication process checks the userid in LDAP. How erver on gettting error from LDAP it wraps the LDAP error in axis falut ( 401 unauthorised) and sends it to the web service client.
I need to catch the excat LDAP error. So I want to create a JAAS application login module. However to intialize loginContext I am not getting how to extract the user id and password from the web service request. ( I set the username and password in org.apache.axis.client.Call object while invoking the web service. )
Note : Instead of XXXXXXXXX I need to put userid and password extracted from web service request.
I'm not clear if you want to do this on the client or on the server? Also, how does using JAAS help with all this? For securing web services I'd use the WS-Security standard, which is supported by all major SOAP stacks.
Ping & DNS - updated with new look and Ping home screen widget