Chapter 13. Securing Web Services with WS-Security
Almost by definition, security is a hard-to-use feature—in contrast to Web services, which are fairly easy to implement and understand. In the first version of most SOAP toolkits, security was an afterthought that was handled almost entirely by the transport of the SOAP message. For example, encryption was covered by SSL (Secure Sockets Layer) over HTTP.
We need to be able to encrypt, sign, and authenticate messages. This means that the security information of the SOAP message must be baked into the SOAP message itself. This chapter covers cryptography and a specific security technology available for use with Web services: WS-Security. It also examines how the Web Services Enhancements for Microsoft ...
Get .NET Web Services: Architecture and Implementation now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.