Reputation: 342
Web Service authentication in Java EE
When developing a Web service(Hospital Management System) using Java EE, is it necessary that for each Web Service call, it has to be checked that the user is logged in??
Which authentication method is the best JAAS, WS-Security, SAML, or a combination or using own tokens??
Upvotes: 4
Views: 3116
Answers (2)
Reputation: 5792
It all depends on how is your web service implemented/or its going to be. If you still have a choice I would recommend going with REST approach, authenticate the user with some kind of login functionality and then maintain users session.
Upvotes: 1
Reputation: 521
You can use filters.
Here's an example of how to use filters:
Basically you define the url's where you want the filters to apply, the filter authorizes the user and then calls chain.doFilter(request, response); to call the requested method after authorization.
You can also take a look at this jax-rs rest webservice authentication and authorization
Personally, I use tokens for authorization.
Upvotes: 1
Related Questions
- Java Web Service client basic authentication
- User authentication in SOAP Webservices
- How to authenticate a Web Service Client with JAX-WS / SOAP
- How to authenticate soap based java web services?
- User authentication in java web services
- User authentication for web services in Java
- Secured authentication in web service
- Security with Web Services in Java
- Java authentication, authorization service (JAAS)
- Security and authentication in web services