What do you feel about security in web services ?Is it still maturing. I am hearing lot of terms in WS security like SAML, XML encryption. I am confused . does the book attempt to explain these terms and let readers know what should be where ?
The key Web Services Security Specifications are already ratified as a standard (by OASIS) and there are implementation available to support them (particularly WS-Security, XML DSIG, XML ENC, SAML, XACML, XKMS).
The book digs a lot deeper into Web services Security and its nitty-grity details of how to implement them. The book also details 3 Web Services Security Patterns - Message Interceptor Gateway, Message Inspector and Secure Message Router.