Unsecured methods in a wse-secured web service?

Unsecured methods in a wse-secured web service?

Post by Wm9vZG9 » Tue, 08 Nov 2005 20:07:12


Is it possible to have methods in a wse-enabled web service that do not
require any authentication?

I.e. can I somehow mark a method (e.g. in the policy file on the server) as
not requiring authentication?

Basically I have a method that registers a user and obviously they aren't a
user yet, so they can't provide any credentials to the web service. I'm using
the "usernameOverTransportSecurity" turnkey policy (using WSE 3.0 Oct. CTP).

I could just bung the method in its own (unsecured) web-service, but it
seems a waste to have one method on its own like that, when there are other,
related tasks that will require authentication.

Any suggestions gratefully received!