[jboss-user] [JBossWS] - Protected Access to WSDL - How to define required Security R

centecbertl do-not-reply at jboss.com
Tue Nov 20 05:33:26 EST 2007


according to JBWS-723 it is possible to protect access to the WSDL requests of  Web-Services. Looking at it in more detail it appears that access does require only any valid login, but is not restricted to specific security roles.

Is it possible to restrict the access to WSDL´s of Web-Services in a role based manner per Web-Service? 

Use case: We have a full web-service API for internal use. For Clients we want to make one or two of these services available without publishing the full API structure (services, data structures,...) related to internal web-services. So the idea is that access to internal web-services and their WSDL requires a security roles which are not granted to clients.

Kind Regards

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4106292#4106292

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4106292

More information about the jboss-user mailing list