When designing components for a SOA landscape (or any multiprocess system), the primary concern is with the communication behavior of the component: how messages are passed to and from the component and in what order, what those messages are and
Feeling secure with Web Services – Part 3 – Digital Signature
There seems to be a lot of misunderstanding about Web Service security. Using password authentication doesn’t prevent unauthorized users to access your data, while SSL / HTTPS doesn’t give you any information about who is trying to access your services.
Feeling secure with Web Services – Part 2
There seems to be a lot of misunderstanding about Web Service security. Using password authentication doesn’t prevent unauthorized users to access your data, while SSL / HTTPS doesn’t give you any information about who is trying to access your services.
Feeling secure with Web Services – Part 1 – The UsernameToken
Recently, I’ve been helping a customer with some Web Service issues. One of the problems was their limited knowledge of security in that area. He asked me to explain, in Jip and Janneke language [1] how SSL works and what
Feeling secure with Web Services – Introduction
Recently, I’ve been helping a customer with some Web Service issues. One of the problems was their limited knowledge of security in that area. He asked me to explain, in Jip and Janneke language [1] how SSL works and what
Shooting ducks
If you want to make an omelette… you have to shoot some ducks! A counterpoint to Arjen Poutsma’s WS-DuckTyping Author’s note: this was actually an article written by me for a different publication some time back. However, this is its