IBM and Microsoft got together again and came up with a combined approach (combines the former SOAP-SEC and WS-Security/WS-License stuff) for adding security tokens, digital signatures, etc to messages. This is a much cleaner and very flexible approach.
Security in a Web Services World: This paper describes a proposed strategy and comprehensive model for security in the Web service environment. http://www-106.ibm.com/developerworks/webservices/library/ws-secmap/ Web Services Security: The Web Services Security specification offers a new security model for sending messages between services. (Specification) http://www-106.ibm.com/developerworks/webservices/library/ws-secure/ Web Services ToolKit for dynamic e-business. A new release of the IBM Web Services Toolkit that offers an early implementation of the new proposed WS-Security specification. http://alphaworks.ibm.com/tech/webservicestoolkit The WS-Security XML Schema. http://schemas.xmlsoap.org/ws/2002/04/secext We're looking for lots of feedback on this, btw. - James M Snell/Fresno/IBM Web services architecture and strategy Internet Emerging Technologies, IBM 544.9035 TIE line 559.587.1233 Office 919.486.0077 Voice Mail [EMAIL PROTECTED] Programming Web Services With SOAP, O'reilly & Associates, ISBN 0596000952 == Have I not commanded you? Be strong and courageous. Do not be terrified, do not be discouraged, for the Lord your God will be with you wherever you go. - Joshua 1:9 Please respond to [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: IBM & Microsoft Web Services Architecture and Roadmap http://www.ibm.com/developerworks/webservices/library/ws-secmap/?loc=dwmain may be of interest. Glyn
