java / web services

Posted on 2005-04-07
Last Modified: 2013-11-21

I need to write some server-side java files.  The java will generate a successful token which can be stored in a db until a user logs out

Once the security java classes have been written I need to create a web service where 3rd parties can log in, this talks to my server-side java files generates the token and allows any 3rd party in to access information on our db.

The java and web service have to be secure, so i'm thinking of Apaxhe Axis, http, SSL, XML and creating a WSDL file.  

Because I'm new to all this I really have no idea where to start

Has anyone written a logon web service and can give me some advice?  

Am I right in writing the java files first to get the security under wraps and then write the web service to gain access to our db so 3rd parties can get their info.  The data the 3rd party can have access to will come down in a XML formatted file (the WSDL file) for the 3rd party to do with what they please

Thanks in advance
Question by:plork123
    LVL 29

    Accepted Solution

    A good place to start is the tutorial from Sun

    Security is always a good place to start but how are you thinking of implementing it? You must use HTTPS, that's a given, but you have the option of "BASIC" authentication, Axis handlers using Custom Authentication or other methods.

    >The data the 3rd party can have access to will come down in a XML formatted file (the WSDL file) for the 3rd party to do with what they please
    The WDSL file is used to describe the service, e.g. the datatypes used by the service, not the actual data.

    LVL 29

    Expert Comment

    If you're in the lookout for a book then "Java Web Services" by  Bequet, Kunnumpurath, Rhody, and Tost from Wrox (
    is pretty good.

     I'm not normally a fan of Wrox but this one's not bad and very applicable for you as it has a whole chapter on Securing Web Services (Chapter 9) which deals with what I've discusssed above and other things such as WS-Security, WS-Policy, WS-Authorization and the rest of the WS security standards (and yes, there are loads!).

    Author Comment


    Thanks for the advice

    Like yourself I'm not a fan of Wrox, but after laods of good reivews I ordered this book from Amazon, but unfortunately it's a 4 - 6 week wait :-(

    I've not tried the tutorial, although I've tried others, so i'll give the sun one a go.

    Have you done anything like this before?


    LVL 29

    Expert Comment

    Yes, but only to a point. I had some slow time in October and one of the things I did to keep me amused was some Web Services. I only did the basic security version over http and all the rubbish bits (like UDDI)  aside it was pretty simple.

    4-6 weeks! Where are you based, Halley Research Station?!

    Author Comment


    No, UK (but might as well be the research station).   Should have got it from th US but it's too late now, might as well keep waiting

    Would it be possible to post some stuff / email some samples of what you did ??????

    LVL 29

    Expert Comment

    Not sure I still have it but I'll hunt around. Since Wrox went bust it's been a bit of an issue getting their books...

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Suggested Solutions

    Title # Comments Views Activity
    copyEndy  challenge 15 37
    countAbc challenge 9 35
    computer science syllabus 3 37
    Which is the latest version of Apache Tomcatl 3 20
    I had a project requirement for a displaying a user workbench .This workbench would consist multiple data grids .In each grid the user will be able to see a large number of data. These data grids should allow the user to 1. Sort 2. Export the …
    Java Flight Recorder and Java Mission Control together create a complete tool chain to continuously collect low level and detailed runtime information enabling after-the-fact incident analysis. Java Flight Recorder is a profiling and event collectio…
    Viewers learn about the third conditional statement “else if” and use it in an example program. Then additional information about conditional statements is provided, covering the topic thoroughly. Viewers learn about the third conditional statement …
    Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now