Hi all,
I've got 2 way encryption working using wss4j, and very nicely it runs
too. At the moment I'm designing another web service that I would like
to provide some security on. Basically we want to be able to say that
only people we want can use the service (authentication) and that
nobody can listen in on confidential data (encryption).
The question is, how do I best maintain a list of clients that are
allowed to connect to the service, and how do we go about checking a
connecting client against that list?
Any links people have on this matter would also be appreciated. I've
looked over the OASIS WS-Security authentication specification, but, to
be honest, most of that went over my head.
Thanks in advanced,
Tim
- Newbie 'best practise' question Tim Williams
- RE: Newbie 'best practise' question Granqvist, Hans
