RE: [xfire-user] http basic auth documentation

Conor MacMahon Wed, 15 Aug 2007 15:29:03 -0700

Hi Matthew,
                Sounds like the security model you're using has the same
needs as the manager application within tomcat (i.e. running at
http://localhost:7080/manager/html/list)? If so, maybe you can just use
that security model, which does typical J2EE security url constraints,
within the web.xml (i.e.
$CATALINA_HOME\server\webapps\manager\WEB-INF\web.xml). That manager
also uses tomcat-users.xml, so it would be very easy to migrate you're
existing context to mimic the manager one?
                Just means you don't have to do anything fancy with
HTTP/SOAP headers, the security is done using the typical known (and
trusted!) way of url mapping security constrains within your web.xml?
Sorry in advance if I have missed a reason why the above was not
suitable for you :).
Best,
Conor


________________________________

From: Matthew Kerle [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, 15 August 2007 2:22 PM
To: [email protected]
Subject: Re: [xfire-user] http basic auth documentation


Hi Yogesh.

Thanks for your input, the application will be deployed to an intranet,
so will don't need any SSL or message digest encryption. The client api
doc link is good but doesn't that apply to the client side? 

My question relates to accessing HTTP or SOAP headers from the
ServiceImpl class on the server side from xFire...


-- 


Matthew Kerle
IT Consultant 
Canberra, Australia


Mobile: +61404 096 863
Email:     <mailto:[EMAIL PROTECTED]> < Matthew Kerle
<mailto:[EMAIL PROTECTED]> 
Web:      Matthew Kerle <http://threebrightlights.blogspot.com/> 


Yogesh Chawla - PD wrote: 

        Hi Matthew,
        Here is some xfire documentation on using basic auth. 
        I think you could use this in conjuction with https (a
        self signed cert on the server is probably fine):
        
        http://xfire.codehaus.org/Client+API
        
        Basic Auth on Tomcat
        http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
        
        Perhaps this will work for you?
        
        Cheers,
        Yogesh
        
        
---------------------------------------------------------------------
        To unsubscribe from this list please visit:
        
            http://xircles.codehaus.org/manage_email
        
          

--------------------------------------------------------------------- To
unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This email (including any attached files) is for the intended 
recipient(s) only. If you received this email by mistake, please, 
as a courtesy, tell the sender, then delete this email.

The views and opinions are the originator's and do not necessarily 
reflect those of the Queensland Studies Authority. All reasonable 
precautions have been taken to ensure that this email contained no 
viruses at the time it was sent.

RE: [xfire-user] http basic auth documentation

Reply via email to