users@glassfish.java.net

Mixed Authentication Methods between Web Sites and Web Services

From: <glassfish_at_javadesktop.org>
Date: Thu, 22 Jan 2009 10:09:16 PST

Greetings,
We have an enterprise application deployed to GlassFish v2ur2. Through the admin panel, we have added a Realm, jdbc datasource and a connection pool. My web.xml has a login-config element with auth-method and realm-name child elements. I am unsure how to accomodate both a FORM authentication mechanism for a web site login and the CLIENT-CERT or BASIC mechanism for a web service. This would allow users to login and roles applied per their group association. Furthermore, I would like to secure the web service in the same realm with at a minimum the BASIC authentication\authorization mechanism.
-Michael
[Message sent by forum member 'codealchemist' (codealchemist)]

http://forums.java.net/jive/thread.jspa?messageID=327687