Re: [Acegisecurity-developer] Acegisecurity-developer Digest, Vol 4, Issue 6

Wed, 09 Aug 2006 15:00:34 -0700

For web service clients, you can pass security credentials through the SOAP header using the WS-Security extension. We use Spring-WS and Acegi together to support credential passing and authentication/authorization. Spring-WS uses Sun's XWSS (XML Web Service Security) package to modify or read the SOAP header when receiving or sending messages. You can configure your server code so that all incoming SOAP messages are required to have a WS-Security header. You can then pass the credentials on to your authentication mechanism as usual.
 
Microsoft has a Web Service Enhancement (WSE) package that provides the same functionality for .NET. Your .NET applications can use this API to alter the SOAP message being sent to the server.
 
Hope that helps.
 
Joe

[EMAIL PROTECTED] wrote:
Send Acegisecurity-developer mailing list submissions to
[email protected]

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Acegisecurity-developer digest..."


Today's Topics:

1. Passing security context from non-Java clients (Manish Gulati)


----------------------------------------------------------------------

Message: 1
Date: Wed, 9 Aug 2006 11:11:38 +0530
From: "Manish Gulati" <[EMAIL PROTECTED]>
Subject: [Acegisecurity-developer] Passing security context from
non-Java clients
To:
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"

Hi All,



I am working in a project with spring based Server in Java and the
clients in different languages including .NET, Cocoa, C++. The clients
also include Web Service clients, thin web clients and RMI clients. I
need to do Kerberos based authentication and allow calls to my APIs
based on the authorization context of the clients. Is this possible to
achieve this using Acegi security? If possible, how will non-Java
clients pass the security context/ticket/credentials to the Java server?



Thanks in Advance,

Manish Gulati





CONFIDENTIALITY NOTICE
This e-mail transmission and any documents, files, or previous e-mail
messages appended or attached to it, may contain information that is
confidential or legally privileged. If you are not the intended
recipient, or a person responsible for delivering it to the intended
recipient, you are hereby notified that you must not read this
transmission and that any disclosure, copying, printing, distribution,
or use of the information contained or attached to this transmission is
STRICTLY PROHIBITED. If you have received this transmission in error,
please immediately notify the sender by telephone +91.172.229.9438 or
return e-mail message [EMAIL PROTECTED] and delete the original
transmission, its attachments, and any copies without reading or saving
in any manner. Thank you.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://sourceforge.net/mailarchive/forum.php?forum=acegisecurity-developer/attachments/20060809/42be1345/attachment.html

------------------------------

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

------------------------------

_______________________________________________
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer


End of Acegisecurity-developer Digest, Vol 4, Issue 6
*****************************************************

How low will we go? Check out Yahoo! Messenger’s low PC-to-Phone call rates.
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer

Reply via email to