Java Web Service - Secure Web Methods from the User

Question

Java Web Service - Secure Web Methods from the User

Java web service, is it possible to expose different methods to different users?

For example, I have 10 methods in my web service, but I want to allow the user access to only 1 or 2 methods, how can this be done?

+5

java web-services

Rosdi Kasim Aug 16 '11 at 2:35

source share

2 answers

Naved · Answer 1 · 2011-09-12T10:58:38+0000

I think you cannot completely hide methods from the user. The only thing you can do is provide only the necessary information to a specific user. In one of my applications, I implemented this using the Decorate Design Pattern. I will try to explain this.

, -. 2 - ( UserAccess). -.

, CommonA, 1 ~ 10. - , ForUserA 1 2, 1 2 CommonA. .

, - .

Foumpie · Answer 2 · 2011-09-12T12:01:54+0000

- , webservice, - .

SAOP REST HTTP, . , / -, .

SOAP.

@Resource WebServiceContext wsContext;

MessageContext mc = wsContext.getMessageContext();
HttpSession session = ((javax.servlet.http.HttpServletRequest)mc.get(MessageContext.SERVLET_REQUEST)).getSession();
String username = (String)session.getAttribute("username");
if(username.equals("userA") {
    // Do your thing
} else {
    throw new WebServiceException("Not allowed to access this method."); 
}

Java Web Service - Secure Web Methods from the User

More articles: