Map Authenticating web services clients using HTTP basic authentication

A simple way to provide authentication data for the service client is to authenticate to the protected service endpoint by using HTTP basic authentication. HTTP basic authentication uses a user name and password to authenticate a service client to a secure endpoint.

Before you begin

You can use either message-level security (WS-Security) or transport-level security:

About this task

WebSphere® Application Server can have several resources, including web services, protected by a Java Platform, Enterprise Edition (Java EE) security model.

HTTP basic authentication is orthogonal to the security support provided by WS-Security or HTTP Secure Sockets Layer (SSL) configuration.

A simple way to provide authentication data for the service client is to authenticate to the protected service endpoint using HTTP basic authentication. The basic authentication is encoded in the HTTP request that carries the SOAP message. When the application server receives the HTTP request, the user name and password are retrieved and verified using the authentication mechanism specific to the server.

Although the basic authentication data is base64-encoded, sending data over HTTPS is recommended. The integrity and confidentiality of the data can be protected by the SSL protocol.

Procedure

  1. Develop and assemble a web services application.
  2. Deploy the application.
  3. Configure HTTP authentication for the application.




In this information ...


(Index)

IBM Redbooks, demos, education, and more


Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.



Terms of Use | Feedback

Last updated: Sep 19, 2011 6:13:59 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-express-dist&topic=twbs_auwschta
File name: twbs_auwschta.html