IQJam by Elguji Software - How to secure a web service provider?

How to secure a web service provider?

So, I have the slightly weird situation in which I have a database where Anonymous has Reader access on the ACL, but in this database there is a web service which I want the user to be authenticated to use. If I change the security settings of the Web Service, then the service becomes completely invisible (i.e. a 404 error is generated) to the Anonymous user where I want the user to be prompted to enter a username and password when they try and consume the service.

If I set the ACL of the database to not allow Anonymous any access then the service can be consumed (in SoapUI for example) by passing username and password as HTTP headers on the web service request.

The question becomes, is there any way I can force the web service consumer to authenticate, but still allow the service URL to be visible and not result in a 404 error while having Anonymous have reader access to the database?

Domino Development / Web Services

Tagged

web services security

Matt White - 2 months ago | Permalink | Email | Viewed 86 times

Voting

There are 3 Answers

By Date
Active Tab
By Votes

1votes

I just happened to see this recently:

http://www-01.ibm.com/support/docview.wss?rs=899&uid=swg21295968

Not sure it will help, but it may.

Bill Kron - 2 months ago | Permalink

Voting

0votes

I hadn't seen that Bill thanks. It was the only solution that I could think of it but it felt wrong to me, was hoping there was some way that basic authentication on the design element could be used.

Matt White - 2 months ago | Permalink

Voting

0votes

Glad that it helped!

Bill Kron - 2 months ago | Permalink

Voting

There are 3 Answers

IQSpaces

Latest Answers for Domino Development / Web Services

Welcome to IQJam

Tags for Domino Development / Web Services

Experts for Domino Development / Web Services