Secure Java SOAP web service - Active Directory authentication Trust

StackOverflow https://stackoverflow.com/questions/325637

Question

I want to build a secure web-service betweeen a Java producer and a Java consumer. I want to authenticate using Active Directory using the domain accounts that the producer and consumer are running under.

Could you give me an example of this?

(ie: AD trusted automated alternative to manual keystores.)

Was it helpful?

Solution

Look at Spring WS and the and security certificate authentication, 7.2.2.1.3 JaasPlainTextPasswordValidationCallbackHandler, and 7.2.2.3.3 JaasCertificateValidationCallbackHandler.

There are some examples that tie this together through additional research.

OTHER TIPS

Here's an open source library, http://spnego.sourceforge.net/protected_soap_service.html, that has an example of exactly what you are looking to do.

This open source project has an example on how to require authentication (basic auth or Kerberos/Integrated Windows Authentication) via servlet filter.

The project also has an example on how to create a soap client that needs to connect to a protected soap service.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top