On Mon, Apr 27, 2009 at 7:50 PM, Sam Carleton scarle...@miltonstreet.comwrote:
How should one implement access control to my Axis2/C services? As it
stands right now anyone can access my services and I need to know who the
person is, somehow, I am wide open for options, I need to get a username
from the client.
I am hosting Axis2/C in Apache and I do have modified one of the basic
authentication modules to my needs. Should I be leveraging that or should I
chunk it in favor of one or more of the WS-*?
You can make use of basic auth of apache httpd if that is sufficient for
you.
If you want end to end security, you should look into using WS-Security,
with Rampart/C.
Samisa...
Sam