Hello,
I'm looking for some guidance in the realm of security. I am in charge of creating some web services to be used by a PowerBuilder front end(changing this is not an option). What I've discovered is that PowerBuilder does not allow you to modify/add headers in any shape or form. So, adding in WS-Security compliant headers or some other form of authentication headers would require a lot more time than than desired(ie writing a custom soap lib). It does support HTTP-Basic authentication, but because of the way the user information is being stored it is not a feasible option, user info is being stored in client specific databases. I've come up with my own ideas, which include sending the "authentication" piece as part of the message. If anyone has any alternative ideas please let me know.
Thanks, Joe Plautz
