Showing posts from February, 2013

Applying Basic HTTP Authentication on Axis2 Web Services in Tomcat

Basic authentication is sort of authentication mechanism for restricting access of resources on tomcat. This is a simple way to limiting accesses but it uses easy to sniff plain http messages with base64 encoded username and password pair inside http header.  In order to apply basic http authentication on axis2 web services, please follow the steps, below: Add this config xml to tomcat-users.xml under conf directory. Go to \webapps\axis2\WEB-INF, add the following lines to web.xml. tag defines the url where to bind security constraints. Also, you can specifically define this security config for a specific service on axis2. secured services /axis2/services wsclient BASIC wsclient Start tomcat and test default web service(Version) on Axis2. There is little button “aut” written on its label, in soapUI test window. I fill the username and password as I set in tomcat-users-xml and select authorization type “preemptive”. Se