wood burning stoves 2.0*
The moose likes Web Services and the fly likes Web service authentication in Tomcat Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Web Services
Reply locked New topic
Author

Web service authentication in Tomcat

Phil Lar
Greenhorn

Joined: Oct 18, 2010
Posts: 5
Hi all,

I'm using Tomcat 6.0.29, jdk 1.6. I'm developing web services (with Jax-WS) and i would like to add authentication to those web service. The only thing I want to do is validate credentials when entering a web service method (without having to pass username/password parameter and validate them manually, every time). I'd like to know how to do it, I need to validate users against the database. I read a lot on the web on jaas, but it's unclear for me where to start, which framework to use, etc... can someone help me please??? From what I understood, credentials should be part of the soap envelop header, but again, I cant find tutorials or examples on how to do it within Tomcat.

I also read about roles (using RolesAllowed annotation), but again, I dont find how to link those roles with the database I configured in the config.xml file (in a resource element). My needs are really specific to implementation in Tomcat, could someone help me on which framework I should use and where I can find tutorials or examples for integration in Tomcat.


Thanks a lot for your help,
Phil
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41029
    
  43
Please do not post the same question to multiple forums: CarefullyChooseOneForum

Let's continue the discussion in this duplicate thread where you got answers already.


Ping & DNS - my free Android networking tools app
 
jQuery in Action, 2nd edition
 
subject: Web service authentication in Tomcat
 
Similar Threads
Web App Security
Grails 1.1 Web Application Development
Web service authentication in Tomcat
Access database from java web applications?
Implementing Access Rights on Axis2 Web Service?