Skip to main content

A simple web service security scheme

2 replies [Last post]
karlgold
Offline
Joined: 2006-09-17
Points: 0

I've been doing some prototyping for a public web service. Because some of the operations involve confidential data, I'm particularly concerned with ensuring that I have a reasonable security scheme in place. At the same time I want to ensure the broadest possible access to my service, regardless of web platform or environment that clients may use.

I took a look at the security schemes of some big web service providers and tried to concoct something that is at least as secure in the context of JAX-WS 2.0. The prototype is spread across a few posts in my blog:

http://xocoatl.blogspot.com/2006/09/web-service-security.html
http://xocoatl.blogspot.com/2006/10/implementing-web-service-security.html
http://xocoatl.blogspot.com/2006/10/implementing-web-service-security_23...
http://xocoatl.blogspot.com/2006/10/implementing-web-service-s_116166891...

Any and all feedback is appreciated. Thanks.

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
kohsuke
Offline
Joined: 2003-06-09
Points: 0

Cool. Would you be interested in adding this to http://wiki.java.net/bin/view/Javawsxml/JaxwsArticles ?

hakin9
Offline
Joined: 2006-10-24
Points: 0

If you wish to know more about IT security or would like to get to know ale the news from this field or become an author or betatester - get familiar with the bigest world security magazine - hakin9. http://www.en.hakin9.org/
for more details, please contact me: magdalena.blaszczyk@software.com.pl