Web Service Security

Discussion in 'ASP .Net Web Services' started by Ron Vecchi, Jun 23, 2004.

  1. Ron Vecchi

    Ron Vecchi Guest

    Can someone point me in the right direction to securing soap messages to a
    webservice. I have found and read a lot about WS-Security but am having
    trouble finding ways to implement it in code.

    Thanks!
     
    Ron Vecchi, Jun 23, 2004
    #1
    1. Advertising

  2. Ron Vecchi

    Joe H Guest

    https + basic authentication not good enough?


    "Ron Vecchi" <> wrote in message
    news:...
    > Can someone point me in the right direction to securing soap messages to a
    > webservice. I have found and read a lot about WS-Security but am having
    > trouble finding ways to implement it in code.
    >
    > Thanks!
    >
    >
     
    Joe H, Jun 23, 2004
    #2
    1. Advertising

  3. Ron Vecchi

    DalePres Guest

    If you have Kalani's 70-320 study guide available, read chapter 11. It has
    a great section that really simplifies the discussion of using
    Windows.Principal and demand security. Demand security works great for web
    services.

    Dale

    "Ron Vecchi" <> wrote in message
    news:...
    > Can someone point me in the right direction to securing soap messages to a
    > webservice. I have found and read a lot about WS-Security but am having
    > trouble finding ways to implement it in code.
    >
    > Thanks!
    >
    >
     
    DalePres, Jun 24, 2004
    #3
  4. Ron Vecchi

    [MSFT] Guest

    [MSFT], Jun 24, 2004
    #4
  5. Ron Vecchi

    Ron Vecchi Guest

    Thanks all,
    "Ron Vecchi" <> wrote in message
    news:...
    > Can someone point me in the right direction to securing soap messages to a
    > webservice. I have found and read a lot about WS-Security but am having
    > trouble finding ways to implement it in code.
    >
    > Thanks!
    >
    >
     
    Ron Vecchi, Jun 24, 2004
    #5
  6. Ron Vecchi

    Gerald Brose Guest

    Ron Vecchi wrote:
    > Can someone point me in the right direction to securing soap messages to a
    > webservice. I have found and read a lot about WS-Security but am having
    > trouble finding ways to implement it in code.


    If you don't want to code to a security API such as WSE 2.0 and
    thus hard-code the security loic and policy into your application,
    then a better way is to use a security gateway aka XML firewall,
    such as Xtradyne's Web Services DBC (WS-DBC).

    The WS-DBC sits in the path of the messages and performs authen-
    tication, authorization, transport security, auditing, and
    content inspection (XPath filters, XML schema validation, virus
    scanning of SOAP attachments). It supports security standards such
    as WS-Security, SAML, XACML, XML encryption and digital signature,
    etc. Policies are centrally managed using a powerful GUI, rather
    than hard-wired in the code. Due to its excellent performance,
    scalability and high-availability feature it is especially
    suitable for enterprise settings.

    Regards, Gerald.
    --
    Dr. Gerald Brose mailto:
    Xtradyne Technologies http://www.xtradyne.com
    Schoenhauser Allee 6-7, Phone: +49-30-440 306-27
    D-10119 Berlin, Germany Fax : +49-30-440 306-78
     
    Gerald Brose, Jun 25, 2004
    #6
  7. Ron Vecchi

    Ron Vecchi Guest

    Interesting, Thanks

    "Gerald Brose" <> wrote in message
    news:...
    > Ron Vecchi wrote:
    > > Can someone point me in the right direction to securing soap messages to

    a
    > > webservice. I have found and read a lot about WS-Security but am having
    > > trouble finding ways to implement it in code.

    >
    > If you don't want to code to a security API such as WSE 2.0 and
    > thus hard-code the security loic and policy into your application,
    > then a better way is to use a security gateway aka XML firewall,
    > such as Xtradyne's Web Services DBC (WS-DBC).
    >
    > The WS-DBC sits in the path of the messages and performs authen-
    > tication, authorization, transport security, auditing, and
    > content inspection (XPath filters, XML schema validation, virus
    > scanning of SOAP attachments). It supports security standards such
    > as WS-Security, SAML, XACML, XML encryption and digital signature,
    > etc. Policies are centrally managed using a powerful GUI, rather
    > than hard-wired in the code. Due to its excellent performance,
    > scalability and high-availability feature it is especially
    > suitable for enterprise settings.
    >
    > Regards, Gerald.
    > --
    > Dr. Gerald Brose mailto:
    > Xtradyne Technologies http://www.xtradyne.com
    > Schoenhauser Allee 6-7, Phone: +49-30-440 306-27
    > D-10119 Berlin, Germany Fax : +49-30-440 306-78
     
    Ron Vecchi, Jun 25, 2004
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. hocho888
    Replies:
    1
    Views:
    661
  2. Michael Averstegge
    Replies:
    0
    Views:
    4,272
    Michael Averstegge
    Jan 10, 2006
  3. Mark
    Replies:
    1
    Views:
    331
    bruce barker
    Jan 4, 2007
  4. Not Me
    Replies:
    1
    Views:
    3,208
    Not Me
    Jun 5, 2007
  5. Leo Violette
    Replies:
    0
    Views:
    1,068
    Leo Violette
    Apr 17, 2009
Loading...

Share This Page