views:

39

answers:

1

Haay everyone.

I have a problem with a web service. I am using websphere to host my WAR appl and to generate the code from a wsdl i use jaxws-tools.sh that comes with websphere.

The problem that i have is this:

I would like that a client, whenever he wants to call my web application, that he has to send username and password so in can check it in the database and confirm his log in. The main thing of user loging in is that when client calls a function on my webservice, lets say "getBooks", the server returns him only the books he can see. "getBooks" function doesn't request any parameters, because he is loged in. When the user logs in i would create the session but i still need the user name and password. Any ideas how to request them?

I was looking at Axis2 and it isn't good for this job.

All the calls are made by SOAP.

Im sorry for any bad writing but im to much in a thinking rush here so sorry.

Here is a little sayHello war that i made for you to see how i work. Source code is in there too.
MyWebApplication

Im developing the web services in Java As container I am using WebSphere Runing JDK 1.6

For any help i would be very grateful. Thank you very much in advance.

Lp, Mesni

A: 

From The Elite Gentleman:

Set an Authorization on your server so that when anyone access your webservice, They have to authenticate else access will fail. Just like what RESTful API's do.

My add:

Then you can use the Light Weight Third Party Authentication (LTPA) to create a one-singin where you get a session cookie whit which you access to your application. The users that sing in have to be added into the websphere so they can be authenticated.

Mesni