File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Services and the fly likes Username and password security for webservices using JAX WS Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Username and password security for webservices using JAX WS " Watch "Username and password security for webservices using JAX WS " New topic
Author

Username and password security for webservices using JAX WS

Ravi Kiran Va
Ranch Hand

Joined: Apr 18, 2009
Posts: 2234

Hi ,

Is @Polcies annotation is specific to weblogic server only ??
Cant we use that if we dont use weblogic server ??

Basically i just want to provide username and password security to my webservice , how can we do this if we are using server other than weblogic .

Please help

Thanks in advance .



Save India From Corruption - Anna Hazare.
Hany Shafik
Ranch Hand

Joined: Jun 21, 2008
Posts: 80
To answer your first question I believe it is yes as it belongs to the package weblogic.jws.Policies, so it isn't possible to use it outside Weblogic.
As I know currently JAX-WS doesn't support WS-Security, so there is no standard API or annotations that you can use or rely on.
However it is preferred to can use an XML deployment descriptor provided by your application server instead of using annotation in order to have your code portable between different application servers, as currently many application servers support WS-Security but in different manners.
Ivan Krizsan
Ranch Hand

Joined: Oct 04, 2006
Posts: 2198
    
    1
Hi!
I am of the strong impression that JAX-WS does indeed support WS-Security.
This can be configured using WS-Policy in the service WSDL and, dropping certain Metro libraries in on the client side, the client automatically recognizes and honors the WS-Policy declarations.
Best wishes!


My free books and tutorials: http://www.slideshare.net/krizsan
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41867
    
  63
Ivan Krizsan wrote:I am of the strong impression that JAX-WS does indeed support WS-Security.

It would be more accurate to say that Metro supports WS-Security; it's perfectly possible to implement JAX-WS w/o WS-Security - the JAX-WS RI is an example of that.


Ping & DNS - my free Android networking tools app
Hany Shafik
Ranch Hand

Joined: Jun 21, 2008
Posts: 80
Hi,

I couldn't find any part in the JAX-WS 2.2 jsr224 specification that says anything about WS-Security, that is why I concluded this answer.
I think Metro supports WS-Security among other WS-* specifications as part of the WSIT project (Web Services Interoperability Technologies), which doesn't have a corresponding jsr. Also as I understand from Metro samples that you use a configuration file named wsit-package.service.xml that resembles a normal WSDL file to configure the required polices
Ravi Kiran Va
Ranch Hand

Joined: Apr 18, 2009
Posts: 2234

Hi ,
Ulf welcome back . its nice to see you back

After deploying my JAX WS Application in weblogic , i am providing security by configuring WS_policy Tab and suppllying it a default http-UsernameToken.xml file

What is the username and password for the above and how can we supply our own parameters .

Thanks .
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Username and password security for webservices using JAX WS