Learn how to a build a cloud-first strategyRegister Now


java / web services

Posted on 2005-04-07
Medium Priority
Last Modified: 2013-11-21

I need to write some server-side java files.  The java will generate a successful token which can be stored in a db until a user logs out

Once the security java classes have been written I need to create a web service where 3rd parties can log in, this talks to my server-side java files generates the token and allows any 3rd party in to access information on our db.

The java and web service have to be secure, so i'm thinking of Apaxhe Axis, http, SSL, XML and creating a WSDL file.  

Because I'm new to all this I really have no idea where to start

Has anyone written a logon web service and can give me some advice?  

Am I right in writing the java files first to get the security under wraps and then write the web service to gain access to our db so 3rd parties can get their info.  The data the 3rd party can have access to will come down in a XML formatted file (the WSDL file) for the 3rd party to do with what they please

Thanks in advance
Question by:plork123
  • 4
  • 2
LVL 29

Accepted Solution

bloodredsun earned 400 total points
ID: 13725515
A good place to start is the tutorial from Sun

Security is always a good place to start but how are you thinking of implementing it? You must use HTTPS, that's a given, but you have the option of "BASIC" authentication, Axis handlers using Custom Authentication or other methods.

>The data the 3rd party can have access to will come down in a XML formatted file (the WSDL file) for the 3rd party to do with what they please
The WDSL file is used to describe the service, e.g. the datatypes used by the service, not the actual data.

LVL 29

Expert Comment

ID: 13725556
If you're in the lookout for a book then "Java Web Services" by  Bequet, Kunnumpurath, Rhody, and Tost from Wrox (http://www.amazon.com/exec/obidos/tg/detail/-/1861007531/qid=1112871578/sr=1-1/ref=sr_1_1/103-6485156-1871039?v=glance&s=books)
is pretty good.

 I'm not normally a fan of Wrox but this one's not bad and very applicable for you as it has a whole chapter on Securing Web Services (Chapter 9) which deals with what I've discusssed above and other things such as WS-Security, WS-Policy, WS-Authorization and the rest of the WS security standards (and yes, there are loads!).

Author Comment

ID: 13727499

Thanks for the advice

Like yourself I'm not a fan of Wrox, but after laods of good reivews I ordered this book from Amazon, but unfortunately it's a 4 - 6 week wait :-(

I've not tried the tutorial, although I've tried others, so i'll give the sun one a go.

Have you done anything like this before?


Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 29

Expert Comment

ID: 13727719
Yes, but only to a point. I had some slow time in October and one of the things I did to keep me amused was some Web Services. I only did the basic security version over http and all the rubbish bits (like UDDI)  aside it was pretty simple.

4-6 weeks! Where are you based, Halley Research Station?!

Author Comment

ID: 13728039

No, UK (but might as well be the research station).   Should have got it from th US but it's too late now, might as well keep waiting

Would it be possible to post some stuff / email some samples of what you did ??????

LVL 29

Expert Comment

ID: 13728158
Not sure I still have it but I'll hunt around. Since Wrox went bust it's been a bit of an issue getting their books...

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
This theoretical tutorial explains exceptions, reasons for exceptions, different categories of exception and exception hierarchy.
Suggested Courses
Course of the Month20 days, 15 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question