7.3. Some Myths and Common Beliefs
Developers and architects who have been tracking Web Services security may have encountered the myth about its weak security capability from various magazines and news organizations. There is a common belief that SOAP calls can pass information in XML clear text across firewalls and servers, and this may expose the risk of hacker attacks and exploits. The myth also claims that the current security protection of using HTTPS is insufficient. If we consider SOAP to be the only Web Services technology, then the myth is a self-fulfilling prophecy. Nevertheless, there is more to Web Services security than simply SOAP.
The followings are examples of some myths about Web Services that are not true.
SOAP Security Is ...
Get J2EE™ Platform Web Services now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
