WS-Security


Released in April 2002, a draft of the WS-Security specification was one of the first to be co- authored by IBM, Microsoft, and VeriSign. In general, the WS- Security specification aims to guarantee integrity and confidentiality of SOAP messages used in a Web services environment.

Although a number of security identifiers (known as tokens) can be used with WS-Security, the specification itself is designed to be extensibleallowing anyone to expand and introduce a customized token format. The specification also describes how to encode X.509 certificates, Kerberos tickets, and UsernameTokens as part of a message.

For authentication, implementations of the specification typically support an unsigned security token (such as a username and password token) or a signed security token (either an X.509 certificate or a Kerberos ticket). These authentication mechanisms are used in conjunction with claims. A claim is a statement that a client makes (for example, a name , privilege, or capability).

For encryption, the specification leverages the XML Encryption standard. Three elements of the XML Encryption standard ( xenc:ReferenceList , xenc:EncryptedKey , and xenc:EncryptedData ) can be used within the WS-Security header. The specification itself, and some extended samples, can be found at: http://msdn.microsoft.com/ webservices /building/wse/default.aspx?pull=/library/en-us/dnglobspec/html/ws-security.asp .




Microsoft. NET and J2EE Interoperability Toolkit
Microsoft .NET and J2EE Interoperability Toolkit (Pro-Developer)
ISBN: 0735619220
EAN: 2147483647
Year: 2003
Pages: 132
Authors: Simon Guest

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net