Passing user Authentication Data to Secured Webservice

Discussions

XML & Web services: Passing user Authentication Data to Secured Webservice

  1. Hi All,

    I have a secured webservice deployed in one websphere server . My client j2ee web application running on another websphere server needs to invoke the webservice by passing the user credential of the logged in user.

    How do I transfer the user credential to the webservice?? Please help me in this regard.

    I have tried hardcoding the user id and pwd in the service stub and this works perfectly fine.

    Regards
    Shiva
  2. Hi

    Try SAML

     

    Regards

    PC

  3. I think, saml is not the right way for this scenario. The app cannot share the saml token which come from the browser redirection with an third party app. The token is generated only for a session with the authorized app, and is managed exclusively by the User Agent.

    I think, you can simply send signed soap messages with persistent id of users. Such persistent opaque-ids you can get using technologies as SAML.

    Regards