2 Replies Latest reply on Feb 15, 2010 8:30 AM by Sohil Shah

    Security using JBoss Authz in a Web Services based SOA approach

    balaji Chinan Newbie


      We are working on a solution based on Web Services based Service Oriented Architecture, which comprises of a collection of Web Services catering to multiple clients - desktop, mobile, web consoles, etc., for various business needs. The clients can communicate with any of the Web Services and the services can communicate with one another for acheiving the application functionalities. We are trying to integrate JBoss Authz in the server side for providing permission based access to the client side users. 
      As each of the Services cater to different business needs, it would not be right to provide a single web service interface and expose all the underlying services methods in the enforcement and provisioning layer. Is it possible to build an independent enforcement and policy provisioning layer for all the web services?. Can you provide inputs on how we can achieve security using JBoss authorization concepts in a Web Services based SOA approach?