Passing user Authentication Data to Secured Webservice


XML & Web services: Passing user Authentication Data to Secured Webservice

  1. Hi All,

    I have a secured webservice deployed in one websphere server . My client j2ee web application running on another websphere server needs to invoke the webservice by passing the user credential of the logged in user.

    How do I transfer the user credential to the webservice?? Please help me in this regard.

    I have tried hardcoding the user id and pwd in the service stub and this works perfectly fine.

  2. Hi

    Try SAML




  3. I think, saml is not the right way for this scenario. The app cannot share the saml token which come from the browser redirection with an third party app. The token is generated only for a session with the authorized app, and is managed exclusively by the User Agent.

    I think, you can simply send signed soap messages with persistent id of users. Such persistent opaque-ids you can get using technologies as SAML.