|
Hi, I have a requirement to use two different security
solutions on one web service: -
HTTPS -
HTTP with WSS (TBC, probably
Signatures) Ideally I’d like to be able to deploy the service as
one web application on one JVM. Is it possible to invoke the WSS4J security
handlers dynamically from within my service? For example, when first receiving
the request: if (!request.isSecure()) { ..check signature is valid.. } else { ..don’t need to worry.. } Then when sending a response: if (!request.isSecure()) { ..sign the response.. } else { ..leave response alone.. } Thanks,
Technical Architect CONFIDENTIALITY
& PRIVILEGE NOTICE This e-mail is confidential to its intended recipient. It may also be privileged. Neither the confidentiality nor any privilege attaching to this e-mail is waived lost or destroyed by reason that it has been mistakenly transmitted to a person or entity other than its intended recipient. If you are not the intended recipient please notify us immediately by telephone or fax at the numbers provided above or e-mail by Reply To Author and return the printed e-mail to us by post at our expense. We believe, but do not warrant, that this e-mail and any attachments are virus-free, but you should check. We may monitor traffic data of both business and personal e-mails. We are not liable for any opinions expressed by the sender where this is a non-business e-mail. If you do not receive all the message, or if you have difficulty with the transmission, please telephone us immediately. |
