axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry Edwardson" <bun...@tpg.com.au>
Subject Re: How to authenticate web services
Date Thu, 24 Apr 2003 22:23:38 GMT
Hi Sam, your gateway sounds very interesting is there any chance you could
guide me in the process of authentication, I am also using username password
and allowing users to register, but when I try and get a handle on the
MessageContext on the service side it comes back null, I think I have to
write my own custom handler, can you help.
Thanks
Larry
----- Original Message -----
From: "SP" <sp@soapknox.com>
To: <axis-user@ws.apache.org>; <sgupta@mail.etouch.net>
Sent: Friday, April 25, 2003 6:04 AM
Subject: RE: How to authenticate web services


> Hi Saurabh,
>
> You can use basic HTTP authentication to authenticate clients. The
> clients can pass username and password by using these two methods on the
> Call object:
>
>     call.setUsername("username");
>     call.setPassword("password");
>
> You can use a handler on the service to do the authentication. In the
> handler, you can extract username and password by doing this:
>
>       String username = msgContext.getUsername();
>       String password = msgContext.getPassword();
>
> This way you can check username and password and implement
> authentication on a web service.
>
> I have developed a Web services gateway which does all these stuff (and
> much more). This gateway sits in front of the actual Web services and
> does authentication, authorization, tracking, auditing, response time
> statistics and lot of administrative functionalities etc. It also has
> service subscription workflow built into the system. I have set up the
> gateway for demo purpose. Go to:
>
> http://soapknox.servehttp.com:8080
>
> and check it out. You will more information about the gateway at
> http://www.soapknox.com
>
> I can give you the software for free if you want to use/test it. Let me
> know.
>
> Sam
>
> -----Original Message-----
> From: Saurabh Gupta [mailto:sgupta@mail.etouch.net]
> Sent: Wednesday, April 23, 2003 11:35 PM
> To: axis-user@ws.apache.org
> Subject: How to authenticate web services
>
>
> Hi All,
>
>    We are using Bowstreet as app server and calling web
> services deployed on Axis. The web services are java
> classes with primitive input and output types. No
> authentication are being done in the web services side.
> However now we are concerned about the authentication and
> would want to ensure that all groups in our company should
> not be able to access them . Since I am new to Web
> Services I would appreciate if somebody can share his/her
> views regarding the best ways of making them protected (
> kind of passing the password sort of thing from client or
> ....anything that is best in this scenario ).
>
> Willing to provide any more information necessary.
>
> Thanks in advance
> Regards
> Saurabh
>
>
>
>
>



Mime
View raw message