*
The moose likes Security and the fly likes Web Service Access Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Web Service Access" Watch "Web Service Access" New topic
Author

Web Service Access

Nuno Miguel Santos
Greenhorn

Joined: Nov 01, 2011
Posts: 10
Good afternoon,

I've built an application that interacts with a web service, which in turns contacts a CMS Platform that is integrated with an AD server.

In turn, the web service uses the CMS api to upload/download files and various functionalities.

That's where I want to make sure only the right users (the one that are stored in the AD) use the web service.

If I fetch both the windows user with his domain in my code, and then send it to the web service, will that be enough?

for example: mydomain\nuno

I can't rely on certificates to identify the person because if the application will reside on hundreds of computers, hundreds of certificates would have to be created.

Regards,
Nuno.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Web Service Access
 
Similar Threads
Select a certificate from a keystore for client authentication
Spring Web services
Convert Object to Certificate
Integrate Single-Sign On on Java
Axis2 Certificates