Please have a look at [1] and [2]. Thanks & regards. -Prabath
[1]: http://www.nandana.org/2008/09/accessing-username-used-for.html [2]:http://www.keith-chapman.org/2008/09/axis2-rampart-access-username-used-for.html Julien Sentier wrote:
Hi, I want to build a Web Service which return different response according to a profile/person. Let's imagine a getDefinitionById(id) operation. This operation should no be called by someone anonymous. If John calls it, it should response a definition from Thesaurus1. If Peter calls it, it should response the definitions from Thesaurus1, Thesaurus2 and Thesaurus3. Etc. To help me, I'm following this how-to: http://www.ibm.com/developerworks/java/library/j-jws7.html It explains how to add granularity to a WS. In the example there is: * The getBook operation can safely be exposed to anyone (no security). * The getBooksByType needs authorization (so requires a UsernameToken). * The addBook operation needs an audit trail to track who added each book (implemented by signing of the request messages). The last operation is the one that interests me. Is that really possible to know "inside" an operation which person called it, in order to return different responses? If it's not possible, could you help me find an alternative? Should I create a very similar operation by person?... I mean getDefinitionByIdForJohn(id), getDefinitionByIdForPeter(id), etc. Regards, Julien
