You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by "PARLEY,THUNDER (HP-MountainView,ex1)" <th...@hp.com> on 2003/10/10 17:34:02 UTC
Restrict access to SSL clients for a service
Hi List,
If I have Axis running on Tomcat, which has 2 liistening ports (unsecure and
SSL), when I deploy a new service, can I deploy it so that the service will
only acknowledge requests over a SSL connection or is there some snippet of
code I can put in the service itself to check that the requestor is
accessing the service securely? Disabling the unsecure port on Tomcat is not
an option.
Thanks!
Thunder
Re: Restrict access to SSL clients for a service
Posted by Andre Charbonneau <an...@nrc-cnrc.gc.ca>.
I was looking at the Axis API documentation and maybe this would help you:
// In the service implementation...
String transportName =
org.apache.axis.MessageContext.getCurrentContext().getTransportName();
I haven't tried it but I assume the transport name could be used to
determine if the connection was over https port or not.
Hope this helps.
PARLEY,THUNDER (HP-MountainView,ex1) wrote:
> Hi List,
>
> If I have Axis running on Tomcat, which has 2 liistening ports (unsecure and
> SSL), when I deploy a new service, can I deploy it so that the service will
> only acknowledge requests over a SSL connection or is there some snippet of
> code I can put in the service itself to check that the requestor is
> accessing the service securely? Disabling the unsecure port on Tomcat is not
> an option.
>
> Thanks!
>
> Thunder
>
--
Andre Charbonneau
100 Sussex Drive, Rm 2025
Research Computing Support, IMSB
National Research Council Canada
Ottawa, ON, Canada K1A 0R6
613-993-3129 Fax: 613-993-3127
RE: Restrict access to SSL clients for a service
Posted by Sanjesh Pathak <sa...@soapknox.com>.
Parley,
Take this handler (see attached) and put it in the request flow of your
service. This handler will only allow requests from a secure channel
(SSL).
Sanjesh
-----Original Message-----
From: PARLEY,THUNDER (HP-MountainView,ex1) [mailto:thunder@hp.com]
Sent: Friday, October 10, 2003 9:34 AM
To: 'axis-user@ws.apache.org'
Subject: Restrict access to SSL clients for a service
Hi List,
If I have Axis running on Tomcat, which has 2 liistening ports (unsecure
and
SSL), when I deploy a new service, can I deploy it so that the service
will
only acknowledge requests over a SSL connection or is there some snippet
of
code I can put in the service itself to check that the requestor is
accessing the service securely? Disabling the unsecure port on Tomcat is
not
an option.
Thanks!
Thunder