Hi Shobha,
In my last mail, I only provided the easiest way that
I believe. However, if you really want to implement any
your specific authentication, you will be able to proceed
by the following architectures, I named "Web Service based
proxy"; :-)
- You have to implement your specific authentication in
your handleRequest() method of the JAX-RPC Handler.
- If it's denied in the authentication, you have to block
the following Web Service by "return false;".
- In this case, you also have to create a SOAP response
message in your handleResponse() method.
- You have to implement a Web Service as if it's a SOAP
client for the actual WebService what is in the inside
of the Firewall.
Be careful, if you want to use WSDL in your client for
your "actual" Web Service. Because you may also have to
handle it on your proxy. I didn't mention regarding this
matter.
Regards,
Toshiyuki Kimura <[EMAIL PROTECTED]>
R&D Headquarters
NTT DATA Corp.
-----Original Message-----
From: Shobha Rani Jagathpal [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 12:56 PM
To: [EMAIL PROTECTED]
Subject: RE: SOAP request redirection
Hi,
It can be any of the mentioned methods which is not clear right now.
For time being it is assumed to proceed that ip based authentication
will be used.
I cannot even proceed with handlers now. Because when the client request
is not able to find the target webservice in the requested server, it
immediately gets a response stating that the requested service is not
found. I am not sure about the way to proceed with axis now.
As I was on leave,I could not reply immediately. :((
Regards,
Shobha Rani J
> -----Original Message-----
> From: Toshiyuki Kimura [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 14, 2003 2:38 PM
> To: [EMAIL PROTECTED]
> Subject: Re: SOAP request redirection
>
>
> Hi Shobha,
>
> What kind of authentication do you wish ? In other words,
> what's the target of the authentication, for example the SOAP
> client software, the SOAP client machine, or the actual
> client person ?
>
> And how ? By just one pair of User Id and Password ? If
> so, how do you like to use HTTP Basic Authentication ? It
> won't require an additional development of Handlers to you.
>
> Regards,
>
> Toshiyuki Kimura <[EMAIL PROTECTED]>
> R&D Headquarters
> NTT DATA Corp.
>
> -----Original Message-----
> From: Shobha Rani Jagathpal [mailto:[EMAIL PROTECTED]]
> Sent: Friday, January 10, 2003 10:47 PM
> To: [EMAIL PROTECTED]
> Subject: RE: SOAP request redirection
>
> Hi,
>
> I need to develop a SOAP proxy. I was thinking that by
> using handler I'll authenticate the request coming for a
> webservice and then allow it to access the actual webservie.
> So the flow will be as follows
>
> SOAP Client
> |
> V corp A
> ===[ Firewall ] ===
> |
> V
> { Internet }
> |
> V goes back to client
> ===[ Firewall ]=== ^
> | corp B |
> V
> [ Webserver in DMZ ] --->(Not authenticated)
> Authentication webservice
> | If authenticated allowed to access the webservice
> V
> -------[ Firewall ] -------
> |
> V
> [ SOAP Server ]
> Any webservice
>
> Regards,
> Shobha Rani J
>
> > -----Original Message-----
> > From: Toshiyuki Kimura [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, January 10, 2003 6:29 PM
> > To: [EMAIL PROTECTED]
> > Subject: RE: SOAP request redirection
> >
> > Hi Shobha,
> >
> > Why do you need a redirection ? If you want to have
> dynamic changes
> > of the end-point service, it is not allowed.
> >
> > If you just want to clear the network security problem
> > like as the following figure (i.e. The SOAP client can't
> access to the
> > SOAP server directly), you don't have to implement any handlers.
> > You'll be able to use some proxy or plug-in software
> > for your web server. I don't know what you're using.
> >
> > [SOAP Client]
> > |
> > V Corp. A
> > ===== [Firewall] ==========
> > |
> > V
> > (Internet)
> > |
> > V
> > ===== [Firewall] ==========
> > | Corp. B
> > V
> > [Web Server] in DMZ
> > |
> > V
> > ----- [Firewall] ----------
> > |
> > V
> > [SOAP Server]
> >
> > Regards,
> >
> > Toshiyuki Kimura <[EMAIL PROTECTED]>
> > R&D Headquarters
> > NTT DATA Corp.
> >
> > -----Original Message-----
> > From: Shobha Rani Jagathpal [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, January 09, 2003 10:25 PM
> > To: [EMAIL PROTECTED]
> > Subject: SOAP request redirection
> >
> > Hi,
> >
> > Which handler should be implemented in axis to intercept the
> > SOAP request and redirect it to another SOAP server where the
> > service is actually present. I have written a handler which
> > extends to BasicHandler. But if the service is not available
> > in the same server, I get the following exception.
> >
> > Execution failed. Exception: The AXIS engine could not find a
> > target service to invoke! target Service is FunctionService
> >
> > Can I configure axis engine in some way to look for the
> > target service in other server.
> >
> >
> > Thanks and Regards,
> > Shobha Rani J
