You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by SivaKumarl <si...@naradaproducts.com> on 2009/10/22 12:02:30 UTC
Configuring inflow and outflow security for multiple clients.
Hi friends,
I have small doubt, if i have 100 clients then how should i
configure in and out flow security in client and server application and how
could i handle password callback handler for mutiple clients , kindly give
me suggestion how to handle this situation.
Thanks in advance.
------------------
Siva kumar
--
View this message in context: http://www.nabble.com/Configuring-inflow-and-outflow-security-for-multiple-clients.-tp26007386p26007386.html
Sent from the Axis - Dev mailing list archive at Nabble.com.
Re: Configuring inflow and outflow security for multiple clients.
Posted by Prabath Siriwardena <pr...@wso2.com>.
Hi Siva;
This is the same way you do login to any other application - once you
have the user name and password.
You need to maintain user names and password of your clients in a
database or some other place - and you need to have your own
authentication module to talk to the database and authenticate the user.
In password callback handler you simply get the user name and password
and then call - authenticationModule.authenticate(username,password);
Thanks & regards.
-Prabath
SivaKumarl wrote:
> Hi Prabath,
> First of all thanks for your reply, i read your url it wrote by using
> LDAP, actually i am using linux server that is my problem, kindly refer once
> my callback handler for authentication.
> public class PWCBHandler implements CallbackHandler {
>
> public void handle(Callback[] callbacks) throws IOException,
> UnsupportedCallbackException {
>
> for (int i = 0; i < callbacks.length; i++) {
> WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
>
> String id = pwcb.getIdentifer();
> if("client".equals(id)) {
> pwcb.setPassword("apache");
> } else if("service".equals(id)) {
> pwcb.setPassword("apache");
> }
> }
> }
>
> }
> Here if i want to set 100 client it's quiet wrost coding, so how to handle
> this. can you pls explain.
>
> Prabath Siriwardena-2 wrote:
>
>> Hi Siva;
>>
>> It doesn't matter how many client you have - if the service is secured
>> all the clients should communicate securely.
>>
>> Password callback handler will get the user name and password from the
>> security layer - once you have user name and password - you simply need
>> to validate the provided user name against the user name - it will not
>> be coupled to given client. This [1] is such example.
>>
>> Also , [2] will help you understand Password Callback Handlers better....
>>
>> Thanks & regards.
>> -Prabath
>>
>> [1]:http://blog.facilelogin.com/2008/11/usernametoken-authentication-based-on.html
>> [2]:http://wso2.org/library/3733
>>
>>
>>
>>
>>
>> SivaKumarl wrote:
>>
>>> Hi friends,
>>> I have small doubt, if i have 100 clients then how should i
>>> configure in and out flow security in client and server application and
>>> how
>>> could i handle password callback handler for mutiple clients , kindly
>>> give
>>> me suggestion how to handle this situation.
>>>
>>> Thanks in advance.
>>> ------------------
>>> Siva kumar
>>>
>>>
>>
>>
>
>
Re: Configuring inflow and outflow security for multiple clients.
Posted by SivaKumarl <si...@naradaproducts.com>.
Hi Prabath,
First of all thanks for your reply, i read your url it wrote by using
LDAP, actually i am using linux server that is my problem, kindly refer once
my callback handler for authentication.
public class PWCBHandler implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
String id = pwcb.getIdentifer();
if("client".equals(id)) {
pwcb.setPassword("apache");
} else if("service".equals(id)) {
pwcb.setPassword("apache");
}
}
}
}
Here if i want to set 100 client it's quiet wrost coding, so how to handle
this. can you pls explain.
Prabath Siriwardena-2 wrote:
>
> Hi Siva;
>
> It doesn't matter how many client you have - if the service is secured
> all the clients should communicate securely.
>
> Password callback handler will get the user name and password from the
> security layer - once you have user name and password - you simply need
> to validate the provided user name against the user name - it will not
> be coupled to given client. This [1] is such example.
>
> Also , [2] will help you understand Password Callback Handlers better....
>
> Thanks & regards.
> -Prabath
>
> [1]:http://blog.facilelogin.com/2008/11/usernametoken-authentication-based-on.html
> [2]:http://wso2.org/library/3733
>
>
>
>
>
> SivaKumarl wrote:
>> Hi friends,
>> I have small doubt, if i have 100 clients then how should i
>> configure in and out flow security in client and server application and
>> how
>> could i handle password callback handler for mutiple clients , kindly
>> give
>> me suggestion how to handle this situation.
>>
>> Thanks in advance.
>> ------------------
>> Siva kumar
>>
>
>
>
--
View this message in context: http://www.nabble.com/Configuring-inflow-and-outflow-security-for-multiple-clients.-tp26007386p26007887.html
Sent from the Axis - Dev mailing list archive at Nabble.com.
Re: Configuring inflow and outflow security for multiple clients.
Posted by Prabath Siriwardena <pr...@wso2.com>.
Hi Siva;
It doesn't matter how many client you have - if the service is secured
all the clients should communicate securely.
Password callback handler will get the user name and password from the
security layer - once you have user name and password - you simply need
to validate the provided user name against the user name - it will not
be coupled to given client. This [1] is such example.
Also , [2] will help you understand Password Callback Handlers better....
Thanks & regards.
-Prabath
[1]:http://blog.facilelogin.com/2008/11/usernametoken-authentication-based-on.html
[2]:http://wso2.org/library/3733
SivaKumarl wrote:
> Hi friends,
> I have small doubt, if i have 100 clients then how should i
> configure in and out flow security in client and server application and how
> could i handle password callback handler for mutiple clients , kindly give
> me suggestion how to handle this situation.
>
> Thanks in advance.
> ------------------
> Siva kumar
>