How do secure my web service method using SpringNet ws framework.
My currently web service layer is using WSE2 security token to security my methods. What are the underlying technology behind the springNet ws framework. I do see the clientproxyfactory has a password and userid, is this the same implmentation as WSE2 security token methodlogy?

Thanks

Hi Tony,

All authentification properties in WebServiceClientFactory are used to retrieve the wsdl file from the url configured.
Actually these properties are also used for a basic authentification if needed, but i will remove this option. The fact is the wsdl file and the webservice can be hosted by 2 different servers so it will not work in this case.
And i want to add another option to use a local wsdl file.

For authentifications, i'm thinking about creating aspects :
An advice for BasicAuthentification, another one for ClientCertificateAuthentification and some WSE authentification advices.

I wrote some time ago an advice for WSE 2.0 SP3 using User Tokens , i just updated the example that was using it, to make it work with the current WebServiceClientFactory.
You can get it from CVS @ "src\POC\WebServices\Calculator\"


It consists in 2 advices :
- UsernameSigningServerSideAdvice to use with the WebServiceExporter on the service side. It needs an UserTokenManager to work.
- UsernameSigningClientSideAdvice to use with WebServiceClientFactory on the client side. It needs an username and a password to sign in.


-Bruno

Hi,

I uploaded a sample of WSE2 integration in the forum questions wiki page (http://opensource.atlassian.com/confluence/spring/display/NET/Forum+Questions).


Cheers,
Bruno