Probably the easiest way to handle this is by setting use-servlet-security to true in the AxisServlet init-params in web.xml.
If you need to implement your own authentication and just want to use HTTP authentication to access the username and password, in your AuthenticationHandler raise an AxisFault with the faultcode set to "Server.Unauthenticated" if MessageContext.getUsername() is null. AXIS will return an HTTP status of 401. Once AXIS receives a request with a proper authentication header, it will set the username and password properties for you. If authentication fails, raise an AxisFault with a fault code of "Server.Unauthorized". If successful, set the MessageContext.AUTHUSER property of the MessageContext to the value returned from SecurityProvider.authenticate(). HTH, Ian Ian D. Stewart Open Systems Engineer II Enterprise Midrange - Bank One Infrastructure & Operations [EMAIL PROTECTED] (614) 213-6100 Marc Boorshtein <[EMAIL PROTECTED]> on 07/30/2003 12:25:08 PM Please respond to [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Authenticating Users in AXIS Is there any documentation on authenticating users in AXIS via http? I see the HTTPAuth class, but I have no idea how it works and I cant find any documentation. Thanks -- Marc Boorshtein <[EMAIL PROTECTED]> OctetString This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you.
