I'm working with JBoss 4.3, and I've already been able to secure my web service with the following code...
That works fine, but is it possible with JBoss 4.3 to secure a web service at the method level? So basically some clients can only access getPatientName, while other clients can access getPatientAddress.
My other question, can I provide my client with a WSDL file that hides some of the methods, so that the client cannot even see the methods that he/she doesn't have access to?
Again, keep in mind that I'm using JBoss EAP 4.3.
subject: Some questions on securing a web service on a per method basis.