Does anyone have a recommendation about web service security architecture in Java (preferably under JBoss)? Any recommended reading?
I want to expose a fairly rich web service to the world but the data are sensitive and it requires authentication from the current client (Flex), accessed via RPC. I definitely do not want any server-side session state.
What's the best way to go about implementing security through web services in Java/JBoss and where can I read about it?
From stackoverflow
-
For web services security in JBoss, I would start by reading 8.4 WS-Security of the JBossWS User Guide.
-
You could try:
-
WSSE is simple and works well.
http://www.xml.com/pub/a/2003/12/17/dive.html
http://www.sixapart.com/developers/atom/protocol/atom_authentication.html
0 comments:
Post a Comment