This week's book giveaways are in the Refactoring and Agile forums. We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line! See this thread and this one for details.
Web Service Security - Level of details needed (for part2)
san kumar parihar
posted 4 years ago
I would like to hear from others on level of details that we need to provide to secure web services consumed by SuD.
a) Assuming I want to restrict it to basic authentication and some transport level security what should be covered and how (Sequence diagram, Notes etc)?
b) Do I really need to use WS-Security? If yes how do I need to demonstrate generation/propagation of wsse:UsernameToken to service provider? What else should be covered?