• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

security implementation in web service application

 
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,
This is ramesh. In my project we are using Jboss application server and JAX-WS API.
I have to implement security authentication.

I have searched in google, but i got glashfish server related.

1) can i implement authentication security with independent of application server?

or

2) can any one please suggest how do i implement web service security (authentication & authorization) in jboss server


Thanks & Regards
Ramesh
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The standard for securing SOAP web services is called WS-Security, and is supported by all major SOAP stacks. It implements username/password authentication, amongst other features. Check the JBossWS documentation for how to use it.
 
ramesh kancherla
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hai..Thanks for the reply...
I am using JBOSS 4.2.3 App server...Which module is applicable for us...
1.JBossWS - Native
2.JBossWS - CXF
3.JBossWS - Metro

which is the best suitable for (jax-ws)webservice security.

Thanks & Regards
Ramesh
 
Ranch Hand
Posts: 577
Tomcat Server Notepad Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Ramesh,
My personal choice would be Axis2 with Axis WS Security module Rampart as the jars could be self-contained in a web application or configurable at the server level.
 
ramesh kancherla
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Naren thanks for your reply......

In my project we have developed webservice using JAX-WS.We are not using Axis2

Here my task is i have to implement security for that web service.

can you please give me suggestion how can I implement ws-security for JAX-WS

Thanks & Regards
Ramesh

 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
As I said, the JBossWS documentation should be helpful getting you started. A quick search for "jbossws documentation" confirms that there's quite a bit available; http://community.jboss.org/wiki/JBossWS-WS-Securityoptions seems particularly relevant.
 
ramesh kancherla
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
HI Ulf,

Thanks for your reply...

I have created jboss-wsse-server.xml & jboss-wsse-client.xml files . and i configured <jboss-ws-security>.
but it is not reflecting to my application.

can you please provide sample application


Thanks in advance.....


Regards
Ramesh
 
Ranch Hand
Posts: 129
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Ramesh, i am in the same boat as you are. If you have figured it out, can you tell the steps of which files you configured and what path you deployed

I will be only using client to invoke web services for which security is configure. what i need to do from client side i have to know


thanks
 
reply
    Bookmark Topic Watch Topic
  • New Topic