Help with authentication/session concepts (fairly new user) in axis?

["Camuto, Matthew" <ma...@redsealsys.com>]

Hi-

 

 

I am a little new to axis and have a few questions about
authentication/session handling within the axis framework. I

Have combed through the examples as well....

 

My application is going to be a simple client/server. The client is
going to be a swing application and the server will running in most
probably tomcat.

 

 

We would be desired would be to

 

 

-          Authenticate once when we log in (using our own
authentication web service)

      

o        Possible get a session handle or ID at this point if valid

 

-          Make sure every other web service call we make is from a
valid user

 

o        Either re-pass over credentials or use a session Id.

 

Very basic model I know however ....

 

Here are the questions. I noticed with the sample applications in the
wsdd file there are request flow elements for authentication. Now what I
was curious is if  we HAVE to have a request flow filter for every web
service to pre process authentication and/or session handling in each
wsdd file OR if there was a way to make all services be session bound
and un accessible if the caller (client) was not bound to a particular
session. This is one concept I can not seem to grasp from the
documentation.

 

In summary I am basically trying to figure out the quickest and easiest
to have an authenticated session bound

Client (fat) server relationship for my product.

 

Any help or simple samples would be great. All the examples in the src
seem to not demonstrate this easily.

 

 

Thanks

 

 

m