Conclusion

Previous page
Table of content
Next page

While WS-Security provides the core functionality needed to secure SOAP messages, it does not address how trust is obtained and propagated, and it lacks mechanisms that can be used for securing conversations. This is by design, and keeping WS-Security lean is good, modular design. We have seen that WS-Trust and WS-SecureConversation fill in the gaps, including many missing, higher- level security functionalities. Using WS-Trust, it would not be overly difficult to write Web service front-ends to distribute X.509 certificates, Kerberos tickets, or any other custom security token. While WSE does not implement these types of STSs directly, it will certainly be used to do so. WSE does provide a reliable, full-features implementation of the security context token service, as described in WS-SecureConversation, that I have demonstrated can be used with only minimal configuration out of the box.



Previous page
Table of content
Next page
Understanding Web Services Specifications and the WSE
Understanding Web Services Specifications and the WSE (Pro Developer)
ISBN: 0735619131
EAN: 2147483647
Year: 2006
Pages: 79
Authors: Jeannine Hall Gailey
BUY ON AMAZON
Certified Ethical Hacker Exam Prep
Developing Tablet PC Applications (Charles River Media Programming)
Cisco CallManager Fundamentals (2nd Edition)
MySQL Cookbook
Microsoft VBScript Professional Projects
Professional Struts Applications: Building Web Sites with Struts ObjectRelational Bridge, Lucene, and Velocity (Experts Voice)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy