InstallationAs of February 2013, XServices require Java 7. Older builds run against Java 5.As of April 2018, XServices require Java 8 and Tomcat 8.5.tbd.In short: Deploy .WAR file to Apache TomcatSecuring with Basic AuthenticationThere is a quick guide explaining Basic Authentication for Tomcat here:
http://oreilly.com/pub/a/java/archive/tomcat-tips.html?page=1
Limit access by IP addressSometimes you'll only want to restrict access to to
only
specified host names or IP addresses. This way, only
clients at
those specified addresses can use the web services.
Tomcat provides
two configuration values for that:
RemoteHostValve and
RemoteAddrValve.These Valves allow you to filter requests by host name or
by IP
address, and to allow or deny hosts that match. The
example below
restricts access to the ArchiveService from any
machine that is not
the local host.<Context
path="/XService/ArchiveService"
...> <Valve
className="org.apache.catalina.valves.RemoteAddrValve"
allow="127.0.0.1" deny=""/> </Context>
If no allow pattern is given, then patterns that match
the deny
attribute patterns will be rejected, and all others
will be allowed.
Similarly, if no deny pattern is given,
patterns that match the
allow attribute will be allowed, and
all others will be denied.
The <context> element must be placed into the
server.xml
file (into <engine><host>).