Web Services and Security
You might be wondering why security wasn't built into the SOAP protocol. After all, a chapter on Web Service security would be much smaller than this chapter if security had been addressed from the beginning.
The SOAP protocol avoided security for several reasons. For one thing, security is nontrivial to implement and maintain, which would invalidate the notion of SOAP being simple.
But there are a couple deeper reasons. Not everyone using SOAP would necessarily agree on security measures, practices, and protocols, making interoperable operations problematic. And security requires a much greater coding investment, as well as the associated testing and certification required to be absolutely sure that security is maintained ...
Get Applied SOAP: Implementing .NET XML Web Services now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
