axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Plautz <>
Subject Security Issue
Date Wed, 16 Feb 2005 17:59:17 GMT

I'm looking for some guidance in the realm of security. I am in charge 
of  creating some web services to be used by a PowerBuilder front 
end(changing this is not an option). What I've discovered is that 
PowerBuilder does not allow you to modify/add headers in any shape or 
form. So, adding in WS-Security compliant headers or some other form of 
authentication headers would require a lot more time than than 
desired(ie writing a custom soap lib). It does support HTTP-Basic 
authentication, but because of the way the user information is being 
stored it is not a feasible option, user info is being stored in client 
specific databases. I've come up with my own ideas, which include 
sending the "authentication" piece as part of the message. If anyone has 
any alternative ideas please let me know.

Joe Plautz

View raw message