This week's book giveaway is in the Agile and other Processes forum.
We're giving away four copies of The Mikado Method and have Ola Ellnestam and Daniel Brolund on-line!
See this thread for details.
The moose likes Security and the fly likes Web Service Access Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Engineering » Security
Reply Bookmark "Web Service Access" Watch "Web Service Access" New topic
Author

Web Service Access

Nuno Miguel Santos
Greenhorn

Joined: Nov 01, 2011
Posts: 10
posted private message
0
Quote
Good afternoon,

I've built an application that interacts with a web service, which in turns contacts a CMS Platform that is integrated with an AD server.

In turn, the web service uses the CMS api to upload/download files and various functionalities.

That's where I want to make sure only the right users (the one that are stored in the AD) use the web service.

If I fetch both the windows user with his domain in my code, and then send it to the web service, will that be enough?

for example: mydomain\nuno

I can't rely on certificates to identify the person because if the application will reside on hundreds of computers, hundreds of certificates would have to be created.

Regards,
Nuno.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Web Service Access
 
Similar Threads
Axis2 Certificates
Spring Web services
Select a certificate from a keystore for client authentication
Integrate Single-Sign On on Java
Convert Object to Certificate