Adding security to a service does not affect the service interface. However, for the purposes of this example, and the following examples, we will be using a new MathService interface with 4 operations (add, subtract, multiply, and divide). We are simply doing this because, further on, it will allow us to configure each operation with a different security configuration (and four simply happens to be a convenient number of operations).

	The WSDL file for this example can be found here: $EXAMPLES_DIR/schema/examples/MathService_instance_4op/Math.wsdl

At this point, we don't have to modify the service implementation either, since we will be able to add security simply by modifying the WSDD file. However, we will be adding a private method logSecurityInfo to the service class to print out certain security information.

	The code for the service can be found in $EXAMPLES_DIR/org/globus/examples/services/security/first/impl/MathService.java The code for the resource can be found in $EXAMPLES_DIR/org/globus/examples/services/security/first/impl/MathResource.java The code for the resource home can be found in $EXAMPLES_DIR/org/globus/examples/services/security/first/impl/MathResourceHome.java

First, let's take a look at the logSecurityInfo method. This method will print out a lot of security information. At this point, we are only interested in a snippet of code that prints out the client's identity. This will allow us to verify that authentication is taking place and that the service correctly receives the client's credentials. In the following chapters, we will see what the rest of logSecurityInfo prints out, and what that information means.

private void logSecurityInfo(String methodName)
{
	Subject subject;
	logger.info("SECURITY INFO FOR METHOD '" + methodName + "'");

	// Print out the caller
	String identity = SecurityManager.getManager().getCaller();
	logger.info("The caller is:" + identity);

	// Print out more security information
}

Next, the implementation of the remote operations is exactly the same as in a non-secure service. The only difference is that we will be calling the logSecurityInfo method in each of them. For example, the add method looks like this:

public AddResponse add(int a) throws RemoteException {
	logSecurityInfo("add");
		
	MathResource mathResource = getResource();
	mathResource.setValue(mathResource.getValue() + a);
	mathResource.setLastOp("ADDITION");

	return new AddResponse();
}

Finally, remember that, strictly speaking, we are not modifying the Java files at all. We are simply adding some logging code to keep track of what's happening in the service. At this point, adding security will affect only the deployment files. Later on, more complicated security scenarios will require that we modify the service implementation.