[Wsf-general] Exposing a Database as a Webservice

[Chamil Thanthrimudalige]

hi all,

It is a way to expose some/all of the content in a database as  
Webservices. Data in the database will be exposed without exposing  
the fact that we are retrieving the data from a database.

The design that we have come up so far is to give the database  
administrator two ways to authenticate and authorize the users of the  
service. The he can either enter the details for a user who has the  
necessary permissions for doing the operations defined in the service  
in which case WSO2 Application Server(WSAS) will take care of access  
control or else he can get the database to control access to the data.

In the first method WSAS will authenticate the user and then use the  
authorization details in it's system to do the access control. In  
this all permissions will be controlled through the security module  
inside WSAS. WSAS will login and access as itself.

In the second method the user will send the authentication and  
authorization details and these details will be used when accessing  
the database. Please note the Security Token that will be used will  
not be some thing that is special to the Database service.

The database administrator will create a configuration file [xml]  
with the needed details for exposing the required data in the  
database. I will send a separate mail about the configuration file  
and its format as it stands.

Best Regards,
Chamil Thanthrimudalige