Hi All,
I am thinking of using RAMPART module for ws security.
Requirement:
To perform endpoint authentication as well as user authentication.
Client endpoint authentication :- To allow only a configured client to invoke
the web service.
User authentication :- To allow only a specific user/actor to invoke the
service. The reason for this requirement is that the same endpoint can be used
by different type of users(Admin, CSR, normal user)
I have gone through various sample 1-8 supplied wih rampart 1.5 install.
Question:
1. Can I combine userName & WssX509V3Token10 token for user and endpoint auth ?
UserName token - for user authentication)
WssX509V3Token10 - for endpoint PKI credential authentication
2. Also can secure conversation benefits be available when the above two type
of tokens are used.
If you have any better suggestion to handle this requirement please let me know.
Harshit Bapna
Team Lead
Arcot Systems
