Chapter 15: Web Service Security

Previous page
Table of content
Next page

Overview

In the last two chapters, we looked in depth at WSE but purposely left the coverage of WSE and security until this chapter. You learned the general principles of security for Web services in Chapter 11, and now we’ll look at what WSE brings to the party.

At this point in the evolution of Web services, we are likely to use only one transport protocol—SOAP over HTTP. HTTP can also have a measure of security applied to it at the transport layer, HTTPS, and we can use this underneath SOAP to provide some level of protection for Web service calls.

However, as we’ve mentioned, the various Web service specifications are written from a protocol-agnostic point of view, and not all of these other protocols have “intrinsic security.” If you were to use SMTP, FTP, or Microsoft Message Queuing (MSMQ) as the transport protocol for your messages, you would lose the SSL security that HTTPS provides. The WS-Security specification addresses this shortcoming by allowing you to apply security requirements to messages you’re transmitting irrespective of the protocol used.

Before we look at any code, however, let’s look at our security requirements.



Previous page
Table of content
Next page
Programming Microsoft. NET XML Web Services
Programming MicrosoftВ® .NET XML Web Services (Pro-Developer)
ISBN: 0735619123
EAN: 2147483647
Year: 2005
Pages: 172
Authors: Damien Foggon, Daniel Maharry, Chris Ullman, Karli Watson
BUY ON AMAZON
Image Processing with LabVIEW and IMAQ Vision
Making Sense of Change Management: A Complete Guide to the Models, Tools and Techniques of Organizational Change
Data Structures and Algorithms in Java
The Java Tutorial: A Short Course on the Basics, 4th Edition
GO! with Microsoft Office 2003 Brief (2nd Edition)
Extending and Embedding PHP
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy