O'Reilly logo

SOA Security by Prasad A Chodavarapu, Ramarao Kanneganti

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Appendix B. WS-SecureConversation

Consider a front-end application that uses SOAP message exchanges to invoke the services offered by a back-end application. If you have read chapters 3-8, you already know how to secure these message exchanges. Using WS-Security, the front-end and back-end applications can add security tokens needed for authentication, encryption/decryption, and signing/verifying signatures to each message. Observe that we are emphasizing the need to add the required tokens to each and every message. Is this really necessary? If the front-end application is going to exchange a series of SOAP messages with the back-end application, is it possible to authenticate just once, or exchange the keys used for encryption/decryption and ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required