Scout/JAXWS-RT/Webservice Provider authentication

Authentication of webservice requests is not done by Serlvet filters, but webservice handlers instead. Scout provides the following authentication mechanism:

• BasicAuthenticationHandler
• WsseUsernameTokenAuthenticationHandler

This list is not complete, meaning that you can implement your own authentication mechanism.

An authentication handler knows how to extract credentials from within a request. In turn, it passes the requests's credentials to a configured credential validation strategy (ICredentialValidationStrategy) to be validated. This enables you to arbitrary combine an authentication mechanism with a credential validation strategy such as LDAP, database or config.ini.