*
The moose likes Web Services and the fly likes security implementation in web service application Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "security implementation in web service application" Watch "security implementation in web service application" New topic
Author

security implementation in web service application

ramesh kancherla
Ranch Hand

Joined: May 01, 2008
Posts: 124
Hi all,
This is ramesh. In my project we are using Jboss application server and JAX-WS API.
I have to implement security authentication.

I have searched in google, but i got glashfish server related.

1) can i implement authentication security with independent of application server?

or

2) can any one please suggest how do i implement web service security (authentication & authorization) in jboss server


Thanks & Regards
Ramesh
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41511
    
  53
The standard for securing SOAP web services is called WS-Security, and is supported by all major SOAP stacks. It implements username/password authentication, amongst other features. Check the JBossWS documentation for how to use it.


Ping & DNS - my free Android networking tools app
ramesh kancherla
Ranch Hand

Joined: May 01, 2008
Posts: 124
Hai..Thanks for the reply...
I am using JBOSS 4.2.3 App server...Which module is applicable for us...
1.JBossWS - Native
2.JBossWS - CXF
3.JBossWS - Metro

which is the best suitable for (jax-ws)webservice security.

Thanks & Regards
Ramesh
Naren Chivukula
Ranch Hand

Joined: Feb 03, 2004
Posts: 576

Hi Ramesh,
My personal choice would be Axis2 with Axis WS Security module Rampart as the jars could be self-contained in a web application or configurable at the server level.


Cheers,
Naren
(OCEEJBD6, SCWCD5, SCDJWS, SCJP1.4 and Oracle SQL 1Z0-051)
ramesh kancherla
Ranch Hand

Joined: May 01, 2008
Posts: 124
Hi Naren thanks for your reply......

In my project we have developed webservice using JAX-WS.We are not using Axis2

Here my task is i have to implement security for that web service.

can you please give me suggestion how can I implement ws-security for JAX-WS

Thanks & Regards
Ramesh

Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41511
    
  53
As I said, the JBossWS documentation should be helpful getting you started. A quick search for "jbossws documentation" confirms that there's quite a bit available; http://community.jboss.org/wiki/JBossWS-WS-Securityoptions seems particularly relevant.
ramesh kancherla
Ranch Hand

Joined: May 01, 2008
Posts: 124
HI Ulf,

Thanks for your reply...

I have created jboss-wsse-server.xml & jboss-wsse-client.xml files . and i configured <jboss-ws-security>.
but it is not reflecting to my application.

can you please provide sample application


Thanks in advance.....


Regards
Ramesh
naveen gupta
Ranch Hand

Joined: Apr 12, 2006
Posts: 129
Ramesh, i am in the same boat as you are. If you have figured it out, can you tell the steps of which files you configured and what path you deployed

I will be only using client to invoke web services for which security is configure. what i need to do from client side i have to know


thanks
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: security implementation in web service application