By Ingo Rammer, Microsoft MSDN Library.

In this article, the author shows how to create and use a custom security token manager with the Web Services Enhancements 2.0 for Microsoft .NET to check for X.509 certificates, map them to roles, and populate context information with custom principal and identity objects.

He shows how easy it is to use WS-Policy from within Visual Studio .NET to add declarative checking of role membership to your applications. The advantage of this WS-Security-based approach, compared to classic HTTP-based security, is that it doesn't rely on transport-level integrity or security but instead works solely with the SOAP message. This provides end-to-end security capabilities over multiple hops and protocols.

http://msdn.microsoft.com/library/en-us/dnwse/html/wserolebasedsec.asp

See also WS-Security references: http://xml.coverpages.org/ws-security.html