File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Web Service Access Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Web Service Access" Watch "Web Service Access" New topic
Author

Web Service Access

Nuno Miguel Santos
Greenhorn

Joined: Nov 01, 2011
Posts: 10
Good afternoon,

I've built an application that interacts with a web service, which in turns contacts a CMS Platform that is integrated with an AD server.

In turn, the web service uses the CMS api to upload/download files and various functionalities.

That's where I want to make sure only the right users (the one that are stored in the AD) use the web service.

If I fetch both the windows user with his domain in my code, and then send it to the web service, will that be enough?

for example: mydomain\nuno

I can't rely on certificates to identify the person because if the application will reside on hundreds of computers, hundreds of certificates would have to be created.

Regards,
Nuno.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Web Service Access
 
Similar Threads
Convert Object to Certificate
Spring Web services
Axis2 Certificates
Integrate Single-Sign On on Java
Select a certificate from a keystore for client authentication