Results 1 to 2 of 2

Thread: Secure and Open Methods - How?

  1. May 7th, 2011, 08:51 AM #1
    akutz
    akutz is offline Junior Member
    Join Date
    Jan 2011
    Location
    Austin, TX
    Posts
    14

    Default Secure and Open Methods - How?

    I have created as Spring web service, and I want there to be both secure (authenticated) and open methods, but I am not sure how to do this using WS-Security. Both interceptors seem to place the authn/authz boundaries around the entire web service. I could easily do this with my own login() and logout() methods in combination with JAAS, but I was hoping that I could achieve this in some declarative manner. I would think that authorization requirements would force the ability to have open methods since multiple roles would necessitate method/message-level security.

    Am I missing something?

    Thanks!
    Reply With Quote Reply With Quote
  2. May 7th, 2011, 11:19 AM #2
    akutz
    akutz is offline Junior Member
    Join Date
    Jan 2011
    Location
    Austin, TX
    Posts
    14

    Default XWS-Security's Operation Elements

    XWS allows for operation-level security, but since the Spring implementation of it requires that the SecurityConfiguration element be the root of the policy file, I don't see how to make use of the operation-level security since the Operation element is not a child of the SecurityConfiguration element.

    Thoughts?
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules