Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Implementing Security in web services developed using JAX WS approach

 
Ravi Kiran Va
Ranch Hand
Posts: 2234
Eclipse IDE Firefox Browser Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi ,

Our Organization has developed a Web service using JAX WS approach exposing EJB as EndPoint .This wsdl file URL is only used by third party companies that register with us (Means i want to say that this wsdl url is not world wide accessable).

Now we need to implement security for this service , please tell me what is the appropiate for doing so ??

Thank you in advnace .
Waiting for your valuable suggestions .
Please help .
 
Ravi Kiran Va
Ranch Hand
Posts: 2234
Eclipse IDE Firefox Browser Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi ,

I assume that Message Level Security suits me for this purpose .

Please share as how can i implement this security inside my EndPoint ??

Thank you .
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's what WS-Security is for. Every decent SOAP stack supports is these days; check the documentation of whichever server you're using for the details.
 
Ravi Kiran Va
Ranch Hand
Posts: 2234
Eclipse IDE Firefox Browser Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ulf Dittmer ,

I am planning to configure some SSL certificates into my Weblogic Applicatin server .

Will this be sufficient??

Thank you .
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That depends on what you're trying to guard against. For starters, it would be transport-level security, not message-level.
 
Ravi Kiran Va
Ranch Hand
Posts: 2234
Eclipse IDE Firefox Browser Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello ulf ,
I have gone through SSL tutorials , My company is not providing any online business or not accepting any credit cards , so i think SSL does not suit my requirement .
So please tell me what is the approach i need to use to implement security for my Webservices


That's what WS-Security is for. Every decent SOAP stack supports is these days; check the documentation of whichever server you're using for the details.


so please can you guide me as how to implement this

Please help
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic