Hello
I am in the process of adding a web service to an existing web application, I have a web service working OK and now I need to configure it so that authentication is necessary. I am not doing any encryption.
The existing web application uses FORM based authentication, configured in web.xml with the following:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>CustomRealm</realm-name>
<form-login-config>
<form-login-page>/login/login.jsp</form-login-page>
<form-error-page>/login/error.jsp</form-error-page>
</form-login-config>
</login-config>
From what I have read, I take it that a web service needs to do BASIC authentication, as described at:
http://jgeeks.blogspot.com/2008/04/basic-security-on-jaxws-20.html
So as I see it, this web application needs 2 different login-config entries in the web.xml file, one for users with a web browser, another for web services.
Am I on the right track here ?
Any idea how to configure this ?
[Message sent by forum member 'vincewebb' (vincewebb)]
http://forums.java.net/jive/thread.jspa?messageID=334053