WS-Trust in WSIT
By harsha on May 16, 2006
Project Tango is a Sun initiative focused on delivering interoperable Web services technologies. Web Services Interoperability Technology (WSIT) is an open-source implementation of next generation Web services technologies that deliver interoperability between Java EE and .Net to help you build, deploy, and maintain Composite Applications for your Service Oriented Architecture. It is focused on four main categories: Messaging, Metadata, Security, and Quality-of-Service (QoS).
The main standard for security in Web Services is WS-Security.
WS-Security introduces the concept of security tokens for encoding
secuirty information for the purpose of authentication, auththrization,
confidentiality, integrity, etc, of messages exchanged. It also
defines the mechanism of carrying security token with the messages for
message level security. WS-Trust is introduced to address the issues
when the security tokens are not consumed by the service provider. This
is the case, for example, when the Web Service client and the Web
Service provider sit in different security domains and have no direct
trust relationships. The protocols defined in WS-Trust allow for
establishing a Security Token Service as a trust authority for
brokering trust among Web Services consumers and Web Services providers.
All the policy elements and configurable parameters for this can be set using the netbeans attributes editor. The editor simplifies to a great extent the otherwise difficult job of writing the wsdl (wsit.xml) and the client side configuration (wsit-client.xml) with correct policies.