File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Websphere and the fly likes client authentication with WAS 5 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java Interview Guide this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Products » Websphere
Bookmark "client authentication with WAS 5 " Watch "client authentication with WAS 5 " New topic

client authentication with WAS 5

Greg T Robertson
Ranch Hand

Joined: Nov 18, 2003
Posts: 91
I have an application developed under WAS 5. It contains a web service (axis based) and a servlet framework (similar to Struts) that also uses several JSPs.
I have a requirement to serve the Web Service using client authentication (obviously https). An additonal requirement is to serve the servlet and JSPs over https without client authentication. These both need to run in the same application server (for standards purposes). How does one do this?
It seems to me that if I turn on Client Side authentication for the server (and yes it seems to be set at the server level correct me if I'm wronger), I can no longer access my JSPs and servlets but I can get to the web service. Obviously if I set it to a lower standard than client authentication then the web service no longer uses client side authentication.
Any thoughts appreciated ...
Kyle Brown
Ranch Hand

Joined: Aug 10, 2001
Posts: 3892
If the Web Services and the JSP's/Servlets are in different Web Projects then you won't have a problem. Authentication is turned on/off in WebSphere at the Web Project (WAR) level as according to the Servlet spec.

Kyle Brown, Author of Persistence in the Enterprise and Enterprise Java Programming with IBM Websphere, 2nd Edition
See my homepage at for other WebSphere information.
I agree. Here's the link:
subject: client authentication with WAS 5
It's not a secret anymore!