Using RolesAllowed and SecurityRole annotations to secure Webservices on Weblogic

1. Write a JWS that uses the RolesAllowed and SecurityRole annotation package examples.webservices.security_jws; import weblogic.jws.WLHttpTransport; import weblogic.jws.Policies; import weblogic.jws.Policy; import javax.jws.WebService; import javax.jws.WebMethod; import javax.jws.soap.SOAPBinding; import weblogic.jws.security.RolesAllowed; import weblogic.jws.security.SecurityRole; @WebService(name="SecureHelloWorldPortType", serviceName="SecureHelloWorldService", targetNamespace="http://www.bea.com") @SOAPBinding(style=SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL, parameterStyle=SOAPBinding.ParameterStyle.WRAPPED) @WLHttpTransport(contextPath="SecureHelloWorldService", serviceUri="SecureHelloWorldService", portName="SecureHelloWorldServicePort") @RolesAllowed ( { @SecurityRole (role="testrole") } ) public class SecureHelloWorldImpl { @WebMethod()

Continue reading »

Webservice Security – WS-Trust and WS-SecureConversation an overview

Webservices “A Web Service is a system designed to support interoperable communication from machine to machine over a network. It includes an interface described in a machine-processable format (WSDL), and is typically conveyed using HTTP with XML serialization.” Webservices exist in a wide range of architecture, technologies and software design.

Continue reading »