aspose file tools*
The moose likes Web Services and the fly likes Web Service Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Web Service Security" Watch "Web Service Security" New topic
Author

Web Service Security

Sujoy Choudhury
Ranch Hand

Joined: Sep 17, 2008
Posts: 136

Hi All,

I have an existing Web Service which was not secured so far.
Now the business demands that we should secure that.

What are the steps involved practically?

Had anyone done this before?

This may be a pretty vague question but any lead/case studies link would be good starting point.


Thanks and Regards,
~Sujoy
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41865
    
  63
While you don't say what "secure" should involve in your case, this is generally the domain of the WS-Security standard (which all major SOAP stacks support). Read the documentation of whichever stack you're using to learn how to apply it. If you're not using SOAP, tell us how the WS is implemented.


Ping & DNS - my free Android networking tools app
David Nicholls
Greenhorn

Joined: Oct 10, 2011
Posts: 6

Hi Sujoy,

if you are using Axis2 you may find this tutorial helpful

http://www.ibm.com/developerworks/webservices/tutorials/ws-understand-web-services4/
Sujoy Choudhury
Ranch Hand

Joined: Sep 17, 2008
Posts: 136

Hi David,
Thank you very much for this link. The content is awesome.
That is what I was looking for to understand more.

Hi Ulf,
Thanks for your reply too.
I guess it was implemented using SOAP.
But I am a bit confused here, did you mean we could implement it using REST too?
I don't understand the difference though. I got to dig deep.
Wheather it's SOAP or REST the internal implemenation I think is XML over HTTP (not using SMTP/JMS for sure) and which is what SOAP is all about (right?).
Please correct me.

Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41865
    
  63
SOAP is an XML dialect, whereas XML is not generally used with REST (definitely not as part of the request), so the odds are you're working with a SOAP WS. The WebServicesFaq has some good material about both SOAP and REST.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Web Service Security