Web service Authorization

 
I am using the Java-first approach to expose Java interfaces as a web service using the Apache CXF JAX-WS implementation.

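import javax.jws.WebService;

// Service endpoint interface: all three operations are published in one WSDL.
@WebService
interface MyInterface {

    public void method1();

    public void method2();

    public void method3();
}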

I have exposed all these methods in a single WSDL. Now here are my requirements:
1) Authenticate all the clients which use this web service (I need to talk to LDAP).
2) Authorization: since I have exposed all methods in a single WSDL, the clients may invoke other methods which are not meant to be invoked.
For example, client1 should invoke only method1, client2 --> method2, and so on.

I am stuck on point 2. I have a solution wherein we can write Apache CXF interceptors which will first authenticate the clients using LDAP. I can have a mapping of each client and the methods it can invoke. If the client invokes a method which is not in the map, I will throw an error. Are there any ways of handling this scenario? Can I push this mapping to LDAP? I will pass the operation name and the user credential to LDAP; it should authenticate and authorize the clients. And yes, I want to give the same WSDL to all clients, which will have all the operations. I am not sure if WS-Policy can come to my rescue.

Thanks in advance!!
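
The client-to-operation mapping check described in the post, sketched as a CXF in-interceptor. This is an added example, not code from the original poster or from the CXF project. It assumes an earlier authentication interceptor (the LDAP one the post mentions) has already placed a `SecurityContext` on the message; the class name and the sample client names are hypothetical.

```java
import java.security.Principal;
import java.util.Map;
import java.util.Set;

import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.security.AccessDeniedException;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.service.model.BindingOperationInfo;

/** Deny-by-default check: a caller may invoke only the operations mapped to it. */
public class OperationAuthorizationInterceptor extends AbstractPhaseInterceptor<Message> {

    // Constructed sample mapping (client id -> allowed WSDL operations), Java 9+.
    // In practice this could be loaded from LDAP group membership or configuration.
    static final Map<String, Set<String>> SAMPLE = Map.of(
            "client1", Set.of("method1"),
            "client2", Set.of("method2"));

    private final Map<String, Set<String>> allowed;

    public OperationAuthorizationInterceptor(Map<String, Set<String>> allowed) {
        // PRE_INVOKE: the operation is resolved, the service method has not run yet.
        super(Phase.PRE_INVOKE);
        this.allowed = allowed;
    }

    @Override
    public void handleMessage(Message message) throws Fault {
        // Assumption: the authentication interceptor stored the caller's identity here.
        SecurityContext sc = message.get(SecurityContext.class);
        Principal caller = (sc == null) ? null : sc.getUserPrincipal();
        BindingOperationInfo op = message.getExchange().getBindingOperationInfo();
        if (caller == null || op == null) {
            throw new AccessDeniedException("Unauthenticated caller or unresolved operation");
        }
        String operation = op.getName().getLocalPart();
        if (!isAllowed(allowed, caller.getName(), operation)) {
            throw new AccessDeniedException("Unauthorized");
        }
    }

    // Unknown clients and unmapped operations are both rejected.
    static boolean isAllowed(Map<String, Set<String>> map, String client, String operation) {
        Set<String> ops = map.get(client);
        return ops != null && ops.contains(operation);
    }
}
```

The interceptor is registered on the endpoint's in-interceptor chain after the authentication interceptor. CXF also ships `SimpleAuthorizingInterceptor`, which performs a comparable check against a method-to-roles map.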
 