Re: Crypting the webservice responses in AXIS

From:

=?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk>

Newsgroups:

comp.lang.java.programmer

Date:

Wed, 04 Apr 2007 20:43:10 -0400

Message-ID:

<4614460c$0$90266$14726298@news.sunsite.dk>

ffellico@gmail.com wrote:

I have a webservice in tomcat/axis with a method that send back a
byte[] response.

I have seen that to send back the array of bytes, AXIS trasform it in
a BASE64 String (i think only to trasport it); the client retreive the
original array without problems because on the client side the BASE64
String is automatically reconverted in the original array of bytes.

Before the BASE64 String is sended back, I am interested to encrypt it
(with a my routine) and naturally at the client side I need to decrypt
it, so the application can receive the correct file.

Can anyone suggest me a way to insert in suitable places the crypt/
decript code?

Alternatively, it is possible in some way to ask AXIS to crypt/decrypt
the responses automatically?

Have the web service transform it:
unencrypted byte[] -> encrypted byte[]

And the client:
encrypted byte[] -> unencrypted byte[]

If you use a standard algorithm like 3DES or AES, then
it is even portable.

You can also look at using WSS (WS-Security), but at least in Axis 1
that was a pretty complex task.

Say if you want to go that route - I do have some working code on
the shelf.

I have not used WSS with Axis2 yet, so I can not say how difficult
that is.

Arne