Web Services Security Guides › CA SiteMinder WSS Policy Configuration Guide › Introducing CA SiteMinder WSS › How to Develop and Deploy CA SiteMinder WSS Protected Web Services
How to Develop and Deploy CA SiteMinder WSS Protected Web Services
To develop a web service implementation protected with CA SiteMinder WSS, do the following:
- Determine how many web services, locally or at federated sites, will be used to perform the required functionality.
- Choose an authentication service model by determining the following:
- How security information is to be obtained from a request and, in a multiple-web service environment, how that information is to be passed between web services.
- In a multiple-web service environment, the flow of data between web services.
- For each web service in your web service implementation, determine the following:
- Define the service interface. The simplest form of interface for a web service can be specified as a set of XML schemas. These schemas dictate the type of XML document to be sent to the web service and what type of document the sender can expect in return.
- Build the web service implementation to accommodate an incoming XML document of the type specified in the interface and turn that XML document into a meaningful set of calls to the integrated back-end systems that the web service exposes.
- Deploy your web service implementation to a web server or application server protected by a SiteMinder WSS Agent. You direct consumers of your web service to send their XML message requests to this URI to access the web service.
- Configure CA SiteMinder WSS policies to determine how the SiteMinder WSS Agent should authenticate, authorize, and process the XML message before it passes it onto the web service implementation for handling.
Once it receives a message from the SiteMinder WSS Agent, the web service should return an applicable XML response to the calling web service consumer application or the next.
Copyright © 2015 CA Technologies.
All rights reserved.
|
|