This week's book giveaway is in the OCPJP forum.
We're giving away four copies of OCA/OCP Java SE 7 Programmer I & II Study Guide and have Kathy Sierra & Bert Bates on-line!
See this thread for details.
The moose likes Web Services and the fly likes Web Service Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Web Service Security" Watch "Web Service Security" New topic
Author

Web Service Security

UdayaKumar Velayudam
Greenhorn

Joined: Sep 07, 2011
Posts: 2
Hi All,

I have been trying the implement security for my web service and started studying some URL about securing web service. Based on my study, I found that there are 2 levels of security: Transport level and Message level. Transport level is to make the HTTP protocol to HTTPS and Message level is to implement Username & password for each web service request. I googled enough to get an example to understand how to implement it for my application, however, I found is different for each framework like CXF, AXIS,etc and its confusing. Can someone please guide me how to implement the security for web services?

Thanks!
Tim Moores
Rancher

Joined: Sep 21, 2011
Posts: 2408
WS-Security (which describes encryption, signing and authentication) is a standard that works the same for SOAP generated by all SOAP stacks. What is different is how it is configured; the documentation of whichever stack you're using should talk about that.
UdayaKumar Velayudam
Greenhorn

Joined: Sep 07, 2011
Posts: 2
Tim,

Thank you very much for your response.! I'm new to this area. Can you suggest me how to implement HTTP basic message level authentication for CXF framework?
Tim Moores
Rancher

Joined: Sep 21, 2011
Posts: 2408
I've never used CXF, sorry. web service security +cxf seems a good start.
 
jQuery in Action, 2nd edition
 
subject: Web Service Security