Let me elaborate and clarify. After a more rigourous authentication procedure, I have a token to be sent with future web service invocations as a HTTP header (this will always be transport specific).
The webservice will be invoking EJBs, however certain EJBS will require a check of the validity of the token as well as username and password, and possibly other transport specific information (IP Address). I have looked at adding request handlers, modifying (extending) the AXIS servlet, etc, but am unsure of the most architecturally sound way of doing this, knowing that at some point I may have to make this (more or less) compatible with WS4EE, not to mention I would like to accomplish this with as little pain as possible. Any suggestions? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3858948#3858948 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3858948 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
