I'm just trying to develop an internal web service for a news agency which is connected to a MySQL database where all the authentication/news data remains. The purpose of all of this is to generate an XML version of the article/ list of articles depending upon the client's subscription, so it can be shown by a mobile frontend that I am working on, using Java Server Faces.
Up to date, I have generated and annotated JPA entities from my database using Eclipse, as well as created a Stateless Session Bean so it can be published as a web service. All of this works absolutely fine, so it's time to take it to the next level, but I don't know where to start. I managed to set up a custom authenticator provider within WebLogic using my database, but don't really know if that's handy and where to go next. I also had a look on OpenAM but thought there should be something native to either JAX-WS or WebLogic.
How could I approach this? The requirements as far as I can see would be:
- One time authentication.
- Using username/password stored on a MySQL table.
- Authentication data provided within the SOAP message? (The client would log in through the JSF frontend, sending that data to the WS to check if it's valid).
Thanks!!!
p.s.: I did Java a long time ago, so I've been "disconnected" from the latest technologies/methodologies, so although my question goes quite straight to the point, if you think there would be a better way to accomplish what I've done so far just let me know, please.
