Prabath Siriwardena – Software Architect, WSO2. Patterns Standards Implementations Plan for the...
Basic Authentication
Mutual Authentication
2-legged OAuth
Direct Authentication for Web Services
Transport Level
UsernameToken Profile with WS-Security
Signing – X.509 Token Profile with WS-Security
Direct Authentication for Web Services
Message Level
WS-Trust / STS
WS-Federation
Brokered Authentication for Web Services
Message Level
Signing – X.509 Token Profile with WS-Security
Kerberos Token Profile for WS-Security
Resource STS
Message Interceptor Gateway Pattern
Trusted Sub System Pattern
Security Solution Patterns
Message Level
X.509 Token Profile & Key Referencing
Message Level
SOAP Security
Key Identifiers
Direct References
Message Level
SOAP Security
• WS-Security secures SOAP – focuses on message level security
• Focuses on a single-message authentication model
• Each message contains everything necessary to authenticate itself
• Suitable for coarse-grained messaging in which a single message at a time is received from the same requestor
WS-SecureConversation
Message Level
SOAP Security
WS-SecureConversation
• What SSL does at the transport level in point-to-point communication, WS-SecureConversation does at the SOAP layer
• Removes the need for each individual SOAP message to carry authentication information
• Establishes a mutually authenticated security context in which a series of messages is exchanged
• Uses public key encryption to exchange a shared secret and from then on uses the shared key
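The security-context model in the bullets above, as an added Python sketch that is not part of the original slides: once a shared secret exists, each message carries only a context identifier, a nonce and a MAC instead of credentials. Assumptions: the secret is constructed here and stands in for the value exchanged under public key encryption, plain dicts stand in for SOAP envelopes, the `SecurityContext` class is hypothetical, and the P_SHA-1 derivation and default label come from the WS-SecureConversation derived-key mechanism (RFC 2246), not from the slides.

```python
import hashlib
import hmac
import os

# Default derivation label per the WS-SecureConversation spec (assumption: not on the slides).
DEFAULT_LABEL = b"WS-SecureConversationWS-SecureConversation"


def p_sha1(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA-1 from RFC 2246: expands a secret and seed into `length` bytes."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha1).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha1).digest()
    return out[:length]


class SecurityContext:
    """Hypothetical holder for one side of an established context."""

    def __init__(self, context_id: str, shared_secret: bytes):
        self.context_id = context_id
        self._secret = shared_secret

    def protect(self, body: bytes) -> dict:
        # A fresh nonce yields a fresh derived key per message; no credentials travel.
        nonce = os.urandom(16)
        key = p_sha1(self._secret, DEFAULT_LABEL + nonce, 32)
        mac = hmac.new(key, body, hashlib.sha1).digest()
        return {"context": self.context_id, "nonce": nonce, "body": body, "mac": mac}

    def verify(self, msg: dict) -> bool:
        if msg["context"] != self.context_id:
            return False
        key = p_sha1(self._secret, DEFAULT_LABEL + msg["nonce"], 32)
        expected = hmac.new(key, msg["body"], hashlib.sha1).digest()
        return hmac.compare_digest(expected, msg["mac"])  # constant-time compare


def demo() -> list:
    secret = os.urandom(32)  # constructed stand-in for the exchanged shared secret
    client = SecurityContext("urn:uuid:constructed-context-1", secret)
    service = SecurityContext("urn:uuid:constructed-context-1", secret)
    results = [service.verify(client.protect(b"<order id='%d'/>" % i)) for i in range(3)]
    tampered = client.protect(b"<order id='9'/>")
    tampered["body"] = b"<order id='10'/>"  # body changed after protection
    results.append(service.verify(tampered))
    return results  # [True, True, True, False]
```
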