We have 6 webservices serving different applications within the organization.
Now we want to allow external applications over the internet to be able to access these webservices, to
do this we want to authenticate and authorize both external and internal applications against a oracle
database/LDAP active directory.
Please advise me how to do this, I thought of couple of things here..
1. Should I have a JSP or a Servlet to do the authentication and authorization before they can access the
However I feel that this may lead to code changes to be made in the client applications that consume these
webservices.. ( calling the new servlet/JSP instead of invoking the webservices) or
2. I will let them invoke the webservices the way they are doing right now, in each of these webservices
before the request is actually processed, can I invoke the new servlet/JSP/a simple java class where I
intend to code the authentication and authorization logic.