I would like to hear from others on level of details that we need to provide to secure web services consumed by SuD.
a) Assuming I want to restrict it to basic authentication and some transport level security what should be covered and how (Sequence diagram, Notes etc)?
b) Do I really need to use WS-Security? If yes how do I need to demonstrate generation/propagation of wsse:UsernameToken to service provider? What else should be covered?
Thanks in advance.
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
subject: Web Service Security - Level of details needed (for part2)