I have been trying the implement security for my web service and started studying some URL about securing web service. Based on my study, I found that there are 2 levels of security: Transport level and Message level. Transport level is to make the HTTP protocol to HTTPS and Message level is to implement Username & password for each web service request. I googled enough to get an example to understand how to implement it for my application, however, I found is different for each framework like CXF, AXIS,etc and its confusing. Can someone please guide me how to implement the security for web services?
WS-Security (which describes encryption, signing and authentication) is a standard that works the same for SOAP generated by all SOAP stacks. What is different is how it is configured; the documentation of whichever stack you're using should talk about that.
Joined: Sep 07, 2011
Thank you very much for your response.! I'm new to this area. Can you suggest me how to implement HTTP basic message level authentication for CXF framework?