Web Services Interoperability Plugfest

We participated the latest Web Services Interoperability Plugfest hosted in Microsoft last week. Harold has a detailed report of the testing result in his blog.

This is the fourth time I have been to Redmond for the Plugfests. I was focused on the WS-SX scenarios this time. WS-SX covers Oasis standard versions of
WS-Trust1.3, WS-SecureConversation1.3 and WS-SecurityPolicy1.2. W3C standards WS-Policy 1.5 as well as WS-Addressing 1.0 are also used in the tests.

The testing scenarios are rather comprehensive which conver various combinations of the following:

Protection:

1. TransportBinding where SSL is used to protect the messages.

2. SymmetricBinding with X509Token of the server

3. AsymmetricBinding with X509Tokens of the client and the server

Client Authentication Token:

1. Usernam/Password

2. X509 certificate

Issued Tokens from STS:

1. Token Type: SAML 1.1

2. Proof Key Type:

2.1 Symmetric Key

2.2 Public Key with Client X509 certificate

2.3 Optionally Public Key with ephemeral RSA key pairs from the client

2.4 No proof key with Bearer key type

Bootstrap client authentication token for Secure Conversation:

1. X509 certificate
2. Issued Token from an STS

For secure conversation, we tested both the issuance and the cancellation bindings.

As reported by Harold, we have successfully passed most of the testing scenarios.
The only remaining issue is that we have not completed the support of KeyValueToken for use with issued token of public proof key type with ephemeral RSA key pairs.

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Jiandong Guo

Search

Categories
Archives
« April 2015
SunMonTueWedThuFriSat
   
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
  
       
Today