I'm writing this into the JBoss security forum because I can't find any better place to put it. I hope I will get some good answers or at least good advices of how to implement a security model in a multi language SOA environment.
I have an environment where we have some Perl models running in an Apache (httpd). We have some Java web services, some Perl web services, some other external applications. So it's just an pretty normal environment.
My problem is to define and implement a security model in the environment. I want to secure data on user/group level, but I also want to restrict access to web service operations and Perl functions per user/group level.
Do you know how to do this, some articles about where to start?