• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Username and password security for webservices using JAX WS

 
Ranch Hand
Posts: 2234
Eclipse IDE Firefox Browser Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi ,

Is @Polcies annotation is specific to weblogic server only ??
Cant we use that if we dont use weblogic server ??

Basically i just want to provide username and password security to my webservice , how can we do this if we are using server other than weblogic .

Please help

Thanks in advance .


 
Ranch Hand
Posts: 80
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
To answer your first question I believe it is yes as it belongs to the package weblogic.jws.Policies, so it isn't possible to use it outside Weblogic.
As I know currently JAX-WS doesn't support WS-Security, so there is no standard API or annotations that you can use or rely on.
However it is preferred to can use an XML deployment descriptor provided by your application server instead of using annotation in order to have your code portable between different application servers, as currently many application servers support WS-Security but in different manners.
 
Ranch Hand
Posts: 2198
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi!
I am of the strong impression that JAX-WS does indeed support WS-Security.
This can be configured using WS-Policy in the service WSDL and, dropping certain Metro libraries in on the client side, the client automatically recognizes and honors the WS-Policy declarations.
Best wishes!
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Ivan Krizsan wrote:I am of the strong impression that JAX-WS does indeed support WS-Security.


It would be more accurate to say that Metro supports WS-Security; it's perfectly possible to implement JAX-WS w/o WS-Security - the JAX-WS RI is an example of that.
 
Hany Shafik
Ranch Hand
Posts: 80
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I couldn't find any part in the JAX-WS 2.2 jsr224 specification that says anything about WS-Security, that is why I concluded this answer.
I think Metro supports WS-Security among other WS-* specifications as part of the WSIT project (Web Services Interoperability Technologies), which doesn't have a corresponding jsr. Also as I understand from Metro samples that you use a configuration file named wsit-package.service.xml that resembles a normal WSDL file to configure the required polices
 
Ravi Kiran Va
Ranch Hand
Posts: 2234
Eclipse IDE Firefox Browser Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi ,
Ulf welcome back . its nice to see you back

After deploying my JAX WS Application in weblogic , i am providing security by configuring WS_policy Tab and suppllying it a default http-UsernameToken.xml file

What is the username and password for the above and how can we supply our own parameters .

Thanks .
 
reply
    Bookmark Topic Watch Topic
  • New Topic