web services security and authentication

[Vikas Phonsa]

Title: Axis 1.2RC1 and WebSphere Application Developer 5.1.2

Hi Everybody,   I’m trying to develop a B2B web service (for the first time) and am looking for some direction regarding security and authentication mechanisms that could be used with web services in Axis (in web sphere 5.1 environment).   Coding a user name and password in a soap message seems kind of a raw approach.   I would like to know what others are using. Since the service would be exposed on the internet, the chief aims would be   To avoid flooding of the server with bogus requests Credential Authentication or maybe method level authentication ( I won’t be using EJBs ) Anything that I can’t think of.   And I would be deploying this web service in web sphere 5.1 environment.   I would appreciate if someone could show direction.   Thanks in advance.   Thanks   Vikas