aspose file tools*
The moose likes Web Services and the fly likes Mark Hansen - WS-Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Mark Hansen - WS-Security" Watch "Mark Hansen - WS-Security" New topic
Author

Mark Hansen - WS-Security

Estevao Rohr
Greenhorn

Joined: Jan 09, 2007
Posts: 6
Does the book "SOA Using Java Web Services" talks about WS-Security and its related standards?

I've been reading about these standards (WS-Security, XML Encryption, XML Signature, SAML, XACML) for my Mastership Degree work, and I wonder if there's some resource showing by example how to design a WS-Security-based architecture. Also another question: those are the standards I concluded I will need to implement confidenciality, integrity, authorization and authentication. Did I forget any important one?

And do you have any suggestions of tools to implement these standards?

Thank you in advance,
Estevao Rohr.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42280
    
  64
According to the table of contents, the book deals very little with security explicitly.

To use WS-Security you don't need to implement (or even directly use) any of the other standards you mention. The WS-Sec implementation does that for you (e.g. WSS4J, which is well-integrated with Axis).


Ping & DNS - my free Android networking tools app
Mark D. Hansen
author
Ranch Hand

Joined: May 29, 2007
Posts: 61
Ulf is right. I don't deal much with security in this book - primarily because there is no Java API for WS-Security built into Java EE 5 or Java SE 6. And that is the scope that I defined for the book.

See this blog post for some information about how to do it wth JSR-181 in the XFire toolkit.

JSR-183 is the WS-Security specification. But, not much has happened with it.

Within GlassFish, the WSIT interop framework provides some WS-Security features.


Mark D. Hansen
Founder and President, AgileIT LLC http://agileitinc.com/
Author of "SOA Using Java Web Services" - http://soabook.com/
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Mark Hansen - WS-Security