File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Architect Certification (SCEA/OCMJEA) and the fly likes Web Service Security - Level of details needed (for part2) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Certification » Architect Certification (SCEA/OCMJEA)
Bookmark "Web Service Security - Level of details needed (for part2)" Watch "Web Service Security - Level of details needed (for part2)" New topic
Author

Web Service Security - Level of details needed (for part2)

san kumar parihar
Ranch Hand

Joined: Dec 05, 2010
Posts: 30
I would like to hear from others on level of details that we need to provide to secure web services consumed by SuD.

a) Assuming I want to restrict it to basic authentication and some transport level security what should be covered and how (Sequence diagram, Notes etc)?
b) Do I really need to use WS-Security? If yes how do I need to demonstrate generation/propagation of wsse:UsernameToken to service provider? What else should be covered?

Thanks in advance.
 
GeeCON Prague 2014
 
subject: Web Service Security - Level of details needed (for part2)