Dynamic server security configration?

[Chris Nappin <C....@ABM-UK.COM>]

Hi,

 

  I have a requirement to use two different security solutions on one
web service:

 

-          HTTPS

-          HTTP with WSS (TBC, probably Signatures)

 

Ideally I'd like to be able to deploy the service as one web application
on one JVM. Is it possible to invoke the WSS4J security handlers
dynamically from within my service? For example, when first receiving
the request:

 

if (!request.isSecure()) {

    ..check signature is valid..

} else {

    ..don't need to worry..

}

 

Then when sending a response:

 

if (!request.isSecure()) {

    ..sign the response..

} else {

    ..leave response alone..

}

 

Thanks,


Chris Nappin

Technical Architect
 
ABM United Kingdom Limited
Telephone: +44 (0) 115 977 6999
Facsimile: +44 (0) 115 977 6850
Web: http://www.abm-uk.com
 
ABM for Intelligent Solutions

 


 
CONFIDENTIALITY & PRIVILEGE NOTICE

This e-mail is confidential to its intended recipient. It may also be privileged. Neither the confidentiality nor any privilege attaching to this e-mail is waived lost or destroyed by reason that it has been mistakenly transmitted to a person or entity other than its intended recipient. If you are not the intended recipient please notify us immediately by telephone or fax at the numbers provided above or e-mail by Reply To Author and return the printed e-mail to us by post at our expense. We believe, but do not warrant, that this e-mail and any attachments are virus-free, but you should check. We may monitor traffic data of both business and personal e-mails. We are not liable for any opinions expressed by the sender where this is a non-business e-mail. If you do not receive all the message, or if you have difficulty with the transmission, please telephone us immediately.