Work with password-protected components
Configure user ID and password authentication and authorization for inbound services, and for individual operations within a web service. Invoke password-protected outbound services, and access password-protected proxy servers.
In addition to the security options described in Configure secure transmission of SOAP messages using WS-Security, we can also use the broader security features of WebSphere Application Server to work with password-protected components.
Subtopics
- Password-protecting inbound services
Password-protect a set of inbound services by requiring user authentication for access to the associated HTTP endpoint listener, or (for JMS) to the associated JMS queue destination.- Password-protecting a web service operation
Password-protect individual operations (methods) in a Web service by creating an enterprise bean with methods matching the Web service operations, then applying WAS authentication mechanisms to the enterprise bean so that, before a web service operation is invoked, a call is made to the EJB method for authorization.- Invoking a password-protected outbound service
Invoke a password-protected external web service by configuring and deploying a JAX-RPC handler to set the associated user ID and password.- Accessing a password-protected proxy server
Configure access to an external web service or WSDL file through a password-protected proxy server.
Bus-enabled web services troubleshooting tips Overriding the default security configuration between bus-enabled web services and a secure bus Configure secure transmission of SOAP messages using WS-Security Invoking outbound services over HTTPS