You are viewing a plain text version of this content. The canonical link for it is here.
Posted to soap-user@ws.apache.org by Mark Richman <mr...@ispchannel.com> on 2001/01/22 20:53:02 UTC
HTTP Basic Auth Provider
How would I implement a SOAP Provider that captures the HTTP
Basic Authentication info from the request, and then
compared it to a userid/password list (xml,jdbc,etc.)?? If
not authenticated, how do I pass a failure back to the
client? Would this be a typical SOAP Fault response body?
If authenticated successfully, I assume I just invoke the
desired web service....?
Thanks,
Mark Richman
Re: HTTP Basic Auth Provider
Posted by Sanjiva Weerawarana <sa...@watson.ibm.com>.
If you're using a standard Web [app] server infrastructure, then
this level of authentication will happen way before the SOAP
engine gets involved.
However, if you really want to do it, just subclass the appropriate
provider (RPC or whatever) and implement your own HTTP Basic
mechanism. Then you can throw a SOAP fault instead of getting
the HTTP 404 (?) error.
Sanjiva.
----- Original Message -----
From: "Mark Richman" <mr...@ispchannel.com>
To: <so...@xml.apache.org>
Sent: Monday, January 22, 2001 2:53 PM
Subject: HTTP Basic Auth Provider
> How would I implement a SOAP Provider that captures the HTTP
> Basic Authentication info from the request, and then
> compared it to a userid/password list (xml,jdbc,etc.)?? If
> not authenticated, how do I pass a failure back to the
> client? Would this be a typical SOAP Fault response body?
> If authenticated successfully, I assume I just invoke the
> desired web service....?
>
> Thanks,
> Mark Richman
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
> For additional commands, email: soap-user-help@xml.apache.org
>
Re: HTTP Basic Auth Provider
Posted by Sanjiva Weerawarana <sa...@watson.ibm.com>.
If you're using a standard Web [app] server infrastructure, then
this level of authentication will happen way before the SOAP
engine gets involved.
However, if you really want to do it, just subclass the appropriate
provider (RPC or whatever) and implement your own HTTP Basic
mechanism. Then you can throw a SOAP fault instead of getting
the HTTP 404 (?) error.
Sanjiva.
----- Original Message -----
From: "Mark Richman" <mr...@ispchannel.com>
To: <so...@xml.apache.org>
Sent: Monday, January 22, 2001 2:53 PM
Subject: HTTP Basic Auth Provider
> How would I implement a SOAP Provider that captures the HTTP
> Basic Authentication info from the request, and then
> compared it to a userid/password list (xml,jdbc,etc.)?? If
> not authenticated, how do I pass a failure back to the
> client? Would this be a typical SOAP Fault response body?
> If authenticated successfully, I assume I just invoke the
> desired web service....?
>
> Thanks,
> Mark Richman
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
> For additional commands, email: soap-user-help@xml.apache.org
>