322


Security for Web Service Interactions


7.3.4.1


Controlling Access to Web Tier Endpoints


To control access to a Web component such as a Web service endpoint, the Web


deployment descriptor specifies a 


security constraint


 element with an 


auth 


constraint


 subelement. Code Example 7.10 illustrates the definition of a protected


resource in a Web component deployment descriptor. The descriptor specifies that


only clients acting in the role of 


customer


 can access the URL 


/mywebservice


. Note


that this URL maps to all the methods in the service endpoint interface. Hence, all


methods have the same access control.




....






orderService


/mywebservice


POST


GET






customer






...




...choose either basic or client(for mutual authentication)






customer






Code Example 7.10


Web Resource Authorization Configuration


In addition to controlling access to Web components, an application can


provide unrestricted access to unprotected resources, such as a Web service end 


point, by omitting an authentication rule. Omitting authentication rules allows


unauthenticated users to access Web components. 








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      
 

    

  

  




Our web partners:
Inexpensive 
Web Hosting 



Java Web Hosting


personal webspace


webspace php 


linux webhost
 




 html web templates




DreamweaverQuality Web Templates


PSD Web Templates
 





cheap webhost


j2ee web Hosting


buy webspace


ftp webspace


adult webspace
 





frontpage WebHosting


webspace hosting


cheap webhost


Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved



aol web hosting