manoj Could U Tell me What Do U mean By Web service Enhancement to provide security to WEB SERVICE plZ explain In Detail?
Manoj Pal
Web Services Enhancements (WSE) is the Microsoft extension to the Web service support in the .NET Framework that builds on the foundation of XML, SOAP, and WSDL with higher-level protocols that support such things as message-based security, policy-based administration, and the flexibility to move message-exchange out of the HTTP-only world. The result is a Web service platform that can save developers from the tedious, time-consuming, and fragile world of developing higher-level requirements themselves. Instead they can rely on the supported and interoperable solution that is provided by WSE.
Web Services Enhancements 2.0 builds on the 1.0 version of WSE that provided basic support for security, message routing, and binary data transfer. For instance, in the area of security, WSE 1.0 provided support for message-based authentication, digital signatures, and encryption. With WSE 2.0, this ability has been extended to include support for Kerberos tokens that integrate with your Windows users and groups. WSE 2.0 also supports the WS-SecureConversation specification that means a security token can be used for multiple messages between two entities and greater processing efficiency is achieved. Support for WS-SecurityPolicy means that you don't even have to write extra code to implement these higher-level security capabilities. With WSE 2.0, by simply associating your Web service with a policy document, security restrictions can be left as an administrative task. And WSE 2.0 security takes advantage of the advancements that have been made in the area of higher-level Web service protocols by implementing the recently approved Oasis standard version of WS-Security. This means that applications built with WSE 2.0 security features will interoperate with other Web service platforms as their WS-Security-compliant implementations become available.
WSE 2.0 provides other capabilities as well. Support for message exchange over HTTP is extended to include support for transferring messages over TCP connections or within process boundaries. Policy support extends to not only include security requirements, but also Time-To-Live (TTL) restrictions. Security restrictions can also work within the Windows role-based security model so that access or functionality can be controlled based off of membership in Windows groups. Finally, WSE 2.0 provides a plethora of extension interfaces so that you can plug your own code into the WSE 2.0 platform so that you can build things like your own policy assertion handler, custom transport, or security token support.
Is Manoj talking to himself?
Hi manoj,This is not a discussion forum, so please mail me your such type of questions at [email protected].Thanks!Manoj