You are viewing a plain text version of this content. The canonical link for it is here.
Posted to soap-user@xml.apache.org by "Nelson, Christopher" <cn...@synchrony.net> on 2000/08/30 00:01:13 UTC
Authentication for soap requests
Is there any standard way to do authentication/security with soap. I
couldn't seem to find much in the javadocs on this subject. It would be
really nice to have some way to do logins and ACLs to grant permissions for
certain users to be able to access certain services. Is this already there
and I missed it? Or planned for?
Re: Authentication for soap requests
Posted by George I Matkovits <ma...@uswest.net>.
I started working on this. I will be posting the 1st beta version later today
to the soap-dev list as an update to soap2_0 for SSL extensions, called
SecureSoap. In the future I am planning to provide client authentication and
ACLs on the server using PKI. When the extensions are completed then you will
be able to exchange securely soap messages and the server will be able to
authenticate you based on your DN from your client certificate. Sever
extensions will use your DN to control access based on your 'rights' assigned
via a mangement tool.
"Nelson, Christopher" wrote:
> Is there any standard way to do authentication/security with soap. I
> couldn't seem to find much in the javadocs on this subject. It would be
> really nice to have some way to do logins and ACLs to grant permissions for
> certain users to be able to access certain services. Is this already there
> and I missed it? Or planned for?
Re: Authentication for soap requests
Posted by George I Matkovits <ma...@uswest.net>.
I started working on this. I will be posting the 1st beta version later today
to the soap-dev list as an update to soap2_0 for SSL extensions, called
SecureSoap. In the future I am planning to provide client authentication and
ACLs on the server using PKI. When the extensions are completed then you will
be able to exchange securely soap messages and the server will be able to
authenticate you based on your DN from your client certificate. Sever
extensions will use your DN to control access based on your 'rights' assigned
via a mangement tool.
"Nelson, Christopher" wrote:
> Is there any standard way to do authentication/security with soap. I
> couldn't seem to find much in the javadocs on this subject. It would be
> really nice to have some way to do logins and ACLs to grant permissions for
> certain users to be able to access certain services. Is this already there
> and I missed it? Or planned for?
Re: Authentication for soap requests
Posted by George I Matkovits <ma...@uswest.net>.
I started working on this. I will be posting the 1st beta version later today
to the soap-dev list as an update to soap2_0 for SSL extensions, called
SecureSoap. In the future I am planning to provide client authentication and
ACLs on the server using PKI. When the extensions are completed then you will
be able to exchange securely soap messages and the server will be able to
authenticate you based on your DN from your client certificate. Sever
extensions will use your DN to control access based on your 'rights' assigned
via a mangement tool.
"Nelson, Christopher" wrote:
> Is there any standard way to do authentication/security with soap. I
> couldn't seem to find much in the javadocs on this subject. It would be
> really nice to have some way to do logins and ACLs to grant permissions for
> certain users to be able to access certain services. Is this already there
> and I missed it? Or planned for?
Re: Authentication for soap requests
Posted by George I Matkovits <ma...@uswest.net>.
I started working on this. I will be posting the 1st beta version later today
to the soap-dev list as an update to soap2_0 for SSL extensions, called
SecureSoap. In the future I am planning to provide client authentication and
ACLs on the server using PKI. When the extensions are completed then you will
be able to exchange securely soap messages and the server will be able to
authenticate you based on your DN from your client certificate. Sever
extensions will use your DN to control access based on your 'rights' assigned
via a mangement tool.
"Nelson, Christopher" wrote:
> Is there any standard way to do authentication/security with soap. I
> couldn't seem to find much in the javadocs on this subject. It would be
> really nice to have some way to do logins and ACLs to grant permissions for
> certain users to be able to access certain services. Is this already there
> and I missed it? Or planned for?