my dog learned polymorphism
The moose likes Web Services Certification (SCDJWS/OCEJWSD) and the fly likes Securing jax-ws service on glassfish 3. Good approaches Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Building Microservices this week in the Design forum!
JavaRanch » Java Forums » Certification » Web Services Certification (SCDJWS/OCEJWSD)
Bookmark "Securing jax-ws service on glassfish 3. Good approaches" Watch "Securing jax-ws service on glassfish 3. Good approaches" New topic
Author

Securing jax-ws service on glassfish 3. Good approaches

seniya brown
Greenhorn

Joined: Jul 26, 2012
Posts: 1
I have a jax-ws soap web service (implemented NOT like Session bean) generated in NetBeans from wsdl. Deployed on Glassfish 3.1.2. I want to secure access to it using mutual certificate authentication usig SSL and https. I have read a lot of articles and books. As I understood there are several variants:

use OpenSSL (unfortunately it fails during deployment, I can show stacktrace if needed);
use http://www.ibm.com/developerworks/java/library/j-jws10/index.html [Jax-ws metro security]
I have the following questions:

What is the best and the most adequate method? May be you can advise me anything else?
Could you show me a good tutorial which includes every step (generating certificates, modifying source code, config Glassfish)?
And why web service security is considered different from simple web apps security?
 
Have you checked out Aspose?
 
subject: Securing jax-ws service on glassfish 3. Good approaches
 
It's not a secret anymore!