[jboss-user] [JBossWS] - Web service security, how to filter client IP address?
cardel
do-not-reply at jboss.com
Sun Jul 6 07:57:24 EDT 2008
I am using basic authentication (username, password) in my web services. So client have to authenticate to endpoint provider. But I would like to know, how to secure my web service endpoint servlet. I would like to allow connection only to clients with specified IP address.
my web.xml
| <!-- START WS authentication -->
| <security-constraint>
| <web-resource-collection>
| <web-resource-name>All webservices</web-resource-name>
| <url-pattern>/ws/*</url-pattern>
| <http-method>POST</http-method>
| </web-resource-collection>
| <auth-constraint>
| <role-name>wsrole</role-name>
| </auth-constraint>
| <user-data-constraint>
| <transport-guarantee>NONE</transport-guarantee>
| </user-data-constraint>
| </security-constraint>
|
| <login-config>
| <auth-method>BASIC</auth-method>
| <realm-name>Security Realm</realm-name>
| </login-config>
|
| <security-role>
| <role-name>wsrole</role-name>
| </security-role>
| <!-- END WS authentication -->
|
| <servlet>
| <servlet-name>BareEndpoint</servlet-name>
| <servlet-class>hcp.service.BareEndpointBean</servlet-class>
| </servlet>
|
| <servlet-mapping>
| <servlet-name>BareEndpoint</servlet-name>
| <url-pattern>/ws/bareservice</url-pattern>
| </servlet-mapping>
|
I would like to use this kind of security to deny access to BareEndpoit servlet and only client(s) with specified IP can read wsdl from /ws/bareservice?wsdl address and call some endpoint actions.
Thank you for some useful tips.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4162661#4162661
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4162661
More information about the jboss-user
mailing list