I implement the Java server application that should work with the number of customers and provide the requested information from the database. This information was client-specific, from my point of view, there was an option between socket connections and web services. Web services were seen quite naturally for this type of work. I started searching for information about web services with username / password authentication and came to WS-Security and then things became very complicated.
I use the Metro, its manual needs to be configured via Netbeans, Glassfish and Netbins GUI. I installed it and was confused by many options and settings related to WS-security. To ensure that everything is going well, I need to sign up and encrypt the message. For that I need a bunch of public / private keys and certificates that must be distributed to the client. When new client registers have to update keystore, generate new keys and seats and so on. My data is not confidential It's just the online game characters characters and I really do not need all the stuff with privacy and encryption. I think the username and password are sufficient. I have also read that the encryption produces a bigger upper hand on handling the message and if it is a big load, I am afraid that this performance can hamper.
So I WS- Your Advice Is it a good condition to use WS or is it better to implement it with sockets? Do I Need WS-Security? If so, here are the curts and keys for a big deal? Because at the moment it looks very complicated (probably because I'm too tired to read all those security glasses, encryption details etc).
Thank you!
WS- * is very heavy, so do not mind about being confused by it. On the other hand, I think that the chairs are a bit bare, try REST, not secure by encrypted HTTP Basic authentication with HTTPS? There should be a lot of tutorials on the web to follow.
Comments
Post a Comment