axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Murphy <jmur...@mindreef.com>
Subject Re: Best Practice
Date Tue, 16 Nov 2004 23:18:56 GMT
Yes, and with apologies for not including more helpful information first 
time around.

[1] - http://ws.apache.org/ws-fx/wss4j/

Jim Murphy
Mindreef, Inc.


Vikas Phonsa wrote:

> Jim,
> 
> Could u direct to some resources about WS Security that possibly have
> some examples related to Axis . I googled about security and
> authorization in web services but there is just too much information and
> it is kinda hard to select an approach to follow.
> 
> Thanks
> 
> -----Original Message-----
> From: Jim Murphy [mailto:jmurphy@mindreef.com] 
> Sent: Tuesday, November 16, 2004 2:53 PM
> To: axis-user@ws.apache.org
> Subject: Re: Best Practice
> 
> 
> Joe Plautz wrote:
> 
> 
>>Yes it was. It's something the carries application specific
> 
> information 
> 
>>as well as customer and user specific information. It's not great by
> 
> any 
> 
>>means, but it doesn't allow access either. But, by doing it this way, 
>>I've tried to keep the services as more of one time shots. Not as 
>>something that needs to be called over and over again in rapid
> 
> succession.
> 
>>Vikas Phonsa wrote:
>>
>>
>>>Hi Joe,
>>>
>>>Thanks for your answer. Could you elaborate a little bit about the
>>>authentication object? Was that part of the SOAP message?
> 
> 
> Guys this is what WS-Security is for!  The reason to use SOAP as a 
> framing protocol is to leverage orthogonal/cross-cutting features like 
> security, reliablity, trust, addressing in standard ways.  Baking 
> security features into your application messages may be expedient but is
> 
> not the direction this industry is going in.
> 
> Jim
> 

Mime
View raw message