Meaningless Drivel is fun!
The moose likes Web Services and the fly likes Web service authentication in Tomcat Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Reply locked New topic

Web service authentication in Tomcat

Phil Lar

Joined: Oct 18, 2010
Posts: 5
Hi all,

I'm using Tomcat 6.0.29, jdk 1.6. I'm developing web services (with Jax-WS) and i would like to add authentication to those web service. The only thing I want to do is validate credentials when entering a web service method (without having to pass username/password parameter and validate them manually, every time). I'd like to know how to do it, I need to validate users against the database. I read a lot on the web on jaas, but it's unclear for me where to start, which framework to use, etc... can someone help me please??? From what I understood, credentials should be part of the soap envelop header, but again, I cant find tutorials or examples on how to do it within Tomcat.

I also read about roles (using RolesAllowed annotation), but again, I dont find how to link those roles with the database I configured in the config.xml file (in a resource element). My needs are really specific to implementation in Tomcat, could someone help me on which framework I should use and where I can find tutorials or examples for integration in Tomcat.

Thanks a lot for your help,
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42959
Please do not post the same question to multiple forums: CarefullyChooseOneForum

Let's continue the discussion in this duplicate thread where you got answers already.
I agree. Here's the link:
subject: Web service authentication in Tomcat
It's not a secret anymore!