Hi guys, Did you know what is the most effective and secure to invoke the webmethods services, using Servlet or WSDL? For the connection to the IS i use Context, does it secure? thanks for yours suggestion, bhangun
I think you are mixing up terms/technologies a bit here. WSDL is a service contract not an actual service. Servlet is a thing which could actually be the service described in the WSDL. So from a security standpoint, the service described in the WSDL could actually be the same servlet you are talking about invoking. Doesn’t have to be but it could.
Not a big fan of invoking webMethods IS flow services without a bit of an abstraction layer. As far as security goes, you probably need to just spell out your requirements and then determine the best architecture to meet those requirements. Both servlets and web services can be made secure. But there is a difference in potential benefits behind these two things.
One potential advantage of some of the newer web service security is the ability to make the security a bit more portable through the web service message itself ie the message could traverse multiple systems caring security tokens with it. It gets a bit more complex and maybe to much for what you are trying to accomplish. Simply SSL :eek: based server certs will probably do the trick for you but that is hard to tell without knowing your requirements.