File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Spring and the fly likes JaxWsPortProxyFactoryBean HttpInvokerServiceExporter security enabled Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "JaxWsPortProxyFactoryBean HttpInvokerServiceExporter security enabled" Watch "JaxWsPortProxyFactoryBean HttpInvokerServiceExporter security enabled" New topic
Author

JaxWsPortProxyFactoryBean HttpInvokerServiceExporter security enabled

gianluca gian
Ranch Hand

Joined: Aug 14, 2009
Posts: 31
hi everyone. In test environment we have a websphere application server with security enabled. On our web application we have some services: spring http services and jax-ws services. Another web application that is installed on the same application server of the first application, uses both kind of services, but while authentication is necessary only for jax-ws services (ws-security) for http services is not. Can you tell me why?

this is a http service:



and the following is the jax-ws:


Bye
Bill Gorder
Bartender

Joined: Mar 07, 2010
Posts: 1680
    
    7

Is your question how to secure it or why it does not work the same as JaxWs?


[How To Ask Questions][Read before you PM me]
gianluca gian
Ranch Hand

Joined: Aug 14, 2009
Posts: 31
excuse me, I'm a little confused about the difference between http spring service and jax-ws service. I think I need to read more. As I said in test environment we had jax-ws services with authentication, so at the moment we removed the basic authentication configured on the web.xml and then authentication were not required anymore. But I'm curious about how to enable security on spring http service. Thanks
Bill Gorder
Bartender

Joined: Mar 07, 2010
Posts: 1680
    
    7

The type of security you mentioned is container level security. There are varying degrees of this offered by different vendors. You also add additional security like that offered by Spring Security. This would be used to secure something like your remoting endpoint. I did find an example demonstrating one way this could be done.

http://kalali.me/using-spring-security-to-enforce-authentication-and-authorization-on-spring-remoting-services-invoked-from-a-java-se-client/

Have a look at the Spring Security project for a more extensive list of all the things it has to offer.

http://www.springsource.org/spring-security
gianluca gian
Ranch Hand

Joined: Aug 14, 2009
Posts: 31
thanks a lot. Bye
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JaxWsPortProxyFactoryBean HttpInvokerServiceExporter security enabled