Authentication schemes that require user intervention are generally not appropriate for securing web services. SOA Security Manager provides four transport-level and message-level authentication schemes that do not require user intervention.
- Validates XML messages using credentials gathered from the message itself by mapping fields within the document to fields within a user directory.
- Validates XML documents digitally signed with valid X.509 certificates.
- Validates XML messages using credentials gathered from WS-Security headers in a message's SOAP envelope. SOA Security Manager can produce and consume WS-Security tokens. This enables you to use the WS-Security authentication scheme to deploy a multiple-web service implementation across federated sites.
- Validates XML messages using credentials obtained from SOA Security Manager synchronized-sessioning SAML assertions (which contain an encrypted combination of a SOA Security Manager session ticket and a SOA Security Manager user's public key) placed in a message's HTTP header, SOAP envelope, or a cookie. SOA Security Manager can generate and consume SAML Session Ticket assertions. This enables you to use the SAML Session Ticket authentication scheme to deploy a multiple-web service implementation within a single Policy Server domain.
The choice of authentication scheme or schemes for securing your web services is integral to how you design and implement those services. Make that decision as part of the broader context of choosing an authentication service model.
Copyright © 2009 CA. All rights reserved.