axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Harald Pollak <h.pol...@pke.at>
Subject Re: Authentication - Could anyone help me plzzzzzzz
Date Thu, 04 Dec 2003 12:59:23 GMT
as i have understood:

The handler is a thing befor the WS ( not part of it ) and the WSDL
describe the WS - so elements only used in handler shouldn't and
couldn't be described in Webservice, so you can only tell your opposit
what to do in document the webservice in hardware ways ( email, letters,
tell him ... ).

best regards 
Harry

Am Don, den 04.12.2003 schrieb Yogesh Pant um 13:49:

> Hello ppl,
> I have got a custom authentication handler. It authenticates the
> incoming message very well.
>  
> My problem is that the generated wsdl has no mention of header
> elements at all. HOW DO I ACHIEVE THIS?
>  
> Do I need to configure the deployment descriptor a little bit more?
>  
> Please help.
>  
> Thanks in advance.
>  
> regards,
> - yogesh
>  
>  
>  
>  
>  
>  
> Sunil Iyengar <s.iyengar@eim.surrey.ac.uk> wrote:
> 
>         Hi Tony,
>         If you wanted to use application level security, maybe try
>         using
>         ws-security (encryption and signatures) using handlers in
>         axis. You will
>         find quite a few links on
>         this in the axis mailing list.
>         You may have to design the authentication protocol and then
>         implement this
>         using ws-security.
>         Hope this helps :)
>         
>         Cheers
>         Sunny
>         
>         ***********************************************************
>         Sunil Iyengar,
>         Research Fellow, Networks Group,
>         Centre For Communication And Systems Research(CCSR),
>         School of Electronics, Computing & Mathematics,
>         University Of Surrey, Guildford GU2 7XH,
>         Surrey, England, United Kingdom.
>         Office: +44 (0)1483 686008
>         ***********************************************************
>         
>         On Thu, 4 Dec 2003, Tony Vieitez wrote:
>         
>         > Hi
>         >
>         > I asked a question on this subject recently, but I don't
>         think I asked
>         > it clearly enough, because the answers I got back, although
>         helpful,
>         > didn't quite give me the answer I was after. Now I
>         understand a bit more
>         > about authentication I can (hopefully) formulate my question
>         a bit more
>         > clearly. In fact, I have a number of questions which revolve
>         around the
>         > same subject:
>         >
>         > 1. I have implemented container level authentication, and
>         have given the
>         > client application access to the web service by implementing
>         in this
>         > client the following code:
>         >
>         > call.setUsername("myUsername");
>         > call.setPassword("myPassword");
>         >
>         > This works fine. But how do I implement application level
>         security,
>         > instead of just relying on the web container to authenticate
>         the calling
>         > client?
>         >
>         > 2. As stated above, I have implemented container level
>         authentication
>         > for the whole of the axis web app, and now I want to use the
>         Axis 
>         > Servlet to administer the system, I have to provide a
>         username and
>         > password but I get an unauthorised error. Here is what I
>         did:
>         >
>         > At the command prompt I tried:
>         > java org.apache.axis.client.AdminClient -l
>         > http://myserver:8080/axis/servlet/AxisServlet list
>         >
>         > I also tried:
>         > java org.apache.axis.client.AdminClient -l
>         > http://myserver:8080/axis/servlet/AxisServlet -u myUsername
>         -p
>         > myPassword list
>         >
>         > and I got this:
>         > Exception (401)Unauthorised
>         >
>         > As stated, this is container level security, which I would
>         like to know
>         > how to implement. I would also like to know how to implement
>         application
>         > level security, that is how to implement security that is
>         part of axis
>         > and not just rely on the security features that comes with
>         tomcat
>         >
>         > Any insight into any of these issues would be most
>         gratefully received
>         >
>         > Tony
>         >
>         >
> 
> 
> ______________________________________________________________________
> Do you Yahoo!?
> Free Pop-Up Blocker - Get it now

Mime
View raw message