You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by "Lanigan, Ronan" <Ro...@ie.fid-intl.com> on 2003/06/18 15:09:24 UTC
Authentication
Hi,
I want to perform some Authentication for my Web Service. I have a list of
machine names e.g. devmachine.xxx.com and I only want to service requests
that come from these machines. We are using a list of machine names as the
ip's for these machines can change.
So, I need some mechanism whereby the ip of the requester can be checked
against the ip of each of the machine names in the list (the machine names
can be stored in an xml or properties file). If the ip's match then the
request can be processed (passed onto the axis servlet?) otherwise an error
response should be generated.
Does axis provide any specific mechanism for this sort of thing?
Could I just change the address location in the wsdl for the service to a
second servlet, which could forward the request to the proper address if the
ip is in the list?
Thanks in advance,
Ronan
Re: Authentication
Posted by Tony Opatha <to...@yahoo.com>.
Why not use with AXIS SOAP Message Handler the WS-Security
Password-based Authentication mechanism and/or WS-Security
with SAML Assertion.
Are there any plans to support WS-Security for AXIS SOAP
Message exchanges either by Apache/AXIS or by IBM?
Benjamin Tomasini <bt...@neteverything.com> wrote:
Consider enforcing that in your servlet container or web server.
Ben
On Wed, 2003-06-18 at 09:09, Lanigan, Ronan wrote:
> Hi,
>
> I want to perform some Authentication for my Web Service. I have a list of
> machine names e.g. devmachine.xxx.com and I only want to service requests
> that come from these machines. We are using a list of machine names as the
> ip's for these machines can change.
>
> So, I need some mechanism whereby the ip of the requester can be checked
> against the ip of each of the machine names in the list (the machine names
> can be stored in an xml or properties file). If the ip's match then the
> request can be processed (passed onto the axis servlet?) otherwise an error
> response should be generated.
>
> Does axis provide any specific mechanism for this sort of thing?
>
> Could I just change the address location in the wsdl for the service to a
> second servlet, which could forward the request to the proper address if the
> ip is in the list?
>
> Thanks in advance,
>
> Ronan
--
Benjamin Tomasini
NetEverything, LLC
---------------------------------
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
Re: Authentication
Posted by Benjamin Tomasini <bt...@neteverything.com>.
Consider enforcing that in your servlet container or web server.
Ben
On Wed, 2003-06-18 at 09:09, Lanigan, Ronan wrote:
> Hi,
>
> I want to perform some Authentication for my Web Service. I have a list of
> machine names e.g. devmachine.xxx.com and I only want to service requests
> that come from these machines. We are using a list of machine names as the
> ip's for these machines can change.
>
> So, I need some mechanism whereby the ip of the requester can be checked
> against the ip of each of the machine names in the list (the machine names
> can be stored in an xml or properties file). If the ip's match then the
> request can be processed (passed onto the axis servlet?) otherwise an error
> response should be generated.
>
> Does axis provide any specific mechanism for this sort of thing?
>
> Could I just change the address location in the wsdl for the service to a
> second servlet, which could forward the request to the proper address if the
> ip is in the list?
>
> Thanks in advance,
>
> Ronan
--
Benjamin Tomasini <bt...@neteverything.com>
NetEverything, LLC