axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject RE: Newbie question on Usage and design style
Date Fri, 20 Jun 2003 09:16:05 GMT

Thank you for the prompt reply. I hope to generate a healthy debate on the
issue and see whether I am crossing the limits of interoperation.

Does SOAP, UDDI, WSDL in their present and proposed form attempt to address
this issue about authentication? What are the best practices around this,
supposing that one wants to maintain interoperation? One solution may be to
maintain the underlying HTTP session (but that is something beyond the specs
in WSDL) and again may break interop.

Hope for guidance from experienced people in the list.



-----Original Message-----
From: Wilfred Springer [mailto:Wilfred.Springer@Sun.COM]
Sent: Friday, June 20, 2003 9:31 AM
Subject: Re: Newbie question on Usage and design style

> We are considering of introducing axis based web services, as an interop
> solution for the interface into our product. We already have well
> established Authentication and Authorisation services delivered via CORBA,
> wanted to utilise the same and introduce a concept of a token for every
> successful user of our web services (still in the conceptualization

This smells like SAML.

> Some sites suggested of introducing SOAP Headers in the WSDL. Does AXIS
> support this feature of a token in the request header. How do I access it
> an end point? Is it too much of a demand on web services?

If your ultimate goal is interoperability, then you'd better steer clear
from introducing proprietary headers.

Wilfred Springer               Phone  : +31 (0)3 3451 5736
Java Architect                 Mobile : +31 (0)6 2295 7321
Sun Java Center                Fax    : +31 (0)3 3451 5734
Sun Microsystems Netherlands   Mail   :

View raw message