Monday Feb 23, 2009

Java CAPS 6 - Providing Policy-driven Web Services Security support using a XML Security Gateway

Securing web services, to be invoked over the Internet, is both essential and difficult. Using appropriate tools and technologies makes it easier to accomplish the task. Developer-dependent solution, where security is embedded directly into consumers and providers, is inflexible and labour-intensive. Gateway-based solutions are more flexible, more dynamic and easier to manage. In this note Java CAPS 6-based web service consumer and provider pair are developed. The solutions are exercised first without, then with the web services security gateway. This enables demonstration of how web services can be secured, how policies can be developed and propagated and how WS-Security-mandated XML markup can be dealt with outside the development shop. The Layer 7 SecureSpan XML Gateway, and its oft forgotten companion, the SecureSpan VPN Client, are used to explore the topic. The reader should be able to acquire enough knowledge to obtain and deploy the SecureSpan XML Gateway, and to use its basic functionality to implement gateway-mediated secure web services solutions.

The full text of this Note is available from: http://mediacast.sun.com/users/Michael.Czapski-Sun/media/WS-Security_for_Java_CAPS_the_Gateway_Way_1.0.pdf/details

About

In this Blog I post abstracts of articles / writeups / notes on various aspects of Java CAPS and SOA Suite including solutions, discussions and screencasts. The links to the referenced material are included in the bodies of the abstracts.

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today