Search...
FAQs Subscribe
Pie
FAQs
Recent topics Flagged topics Hot topics Best topics
Search...
Search within Web Services Search Coderanch
Advance search Google search
Register / Login
This week's book giveaway is in the Agile and Other Processes forum.
We're giving away four copies of Darcy DeClute's Scrum Master Certification Guide: The Definitive Resource for Passing the CSM and PSM Exams and have Darcy DeClute on-line!
See this thread for details.
Win a copy of Darcy DeClute's Scrum Master Certification Guide: The Definitive Resource for Passing the CSM and PSM Exams this week in the Agile and Other Processes forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
book review grid advertise on coderanch meaningless drivel thread boost building better world book
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Devaka Cooray
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Jeanne Boyarsky
  • Tim Cooke
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Mikalai Zaikin
  • Carey Brown
Bartenders:

Web Services Security

 
ILYAS ALI
Greenhorn
Posts: 1
posted 16 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Hi All,

I am new to this forum. I wanna ask that if you use HTTPS url to access Web Services then is that enough while talking about Web Servives Security.

Any hint to study the actual technologies that can implement WS Security ???

Thanks in Advance.
 
Ulf Dittmer
Rancher
Posts: 43081
77
posted 16 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Welcome to JavaRanch.

You have to differentiate between web services security and WS-Security. The former is the general concept of securing web services, while the latter is an OASIS standard that prescribed various security-related features that can be used to achieve web services security. The main features of WS-Security are authentication (both username/password and certificates), signature and encryption.

Since web services are overwhelmingly based on HTTP, the HTTP security features (authentication and encryption via SSL/HTTPS) can also be used. But that should be considered obsolete; these days, to secure a web service, the features of the WS-Security standard should be used. Popular WS engines (like Axis) come with WS-Security support built in.
[ July 05, 2007: Message edited by: Ulf Dittmer ]
 
I was her plaything! And so was this tiny ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
reply
    Bookmark Topic Watch Topic
  • New Topic
Boost this thread!
Similar Threads
More...