> -----Original Message-----
> From: Fred Dushin [mailto:[EMAIL PROTECTED]
> Sent: 24 September 2007 16:35
> To: [email protected]
> Subject: Re: Policies and features (Was : WS-SX)
>
> Another is information "leakage". I am uncomfortable with
> putting sensitive security information in a service contract
> (such as a private key password), and just trusting the
> runtime to not publish it. How would an auditor be assured
> this information is not disclosed?
Yep, the possibility of the WSDL "sanitization" being over-looked is one
of the things I was thinking about when I mentioned this extra step in
the deployment work-flow being an issue.
One approach to ensuring the sanitization always occurs would be only
publish WSDL to secure clients via the dynamic route (i.e. via a HTTP
"GET ...?wsdl" as opposed to a static copy of the WSDL file). Then the
pre-processing of the WSDL could be plugged into the WSDL QueryHandler
logic.
It would be clunky, but at least less error-prone than relying on the
deployer to manually run a pre-processor over the WSDL before
provisioning a static copy to the client.
Cheers,
Eoghan
> -Fred
>
> On Sep 24, 2007, at 10:43 AM, Glynn, Eoghan wrote:
>
> > Now one advantage of the alternative approach (public stuff in the
> > policy, private stuff in the feature, merge at runtime) is that
> > this is
> > pretty close to what we have right now. We don't enforce the
> > distinction, but for certain policies/features it is possible to
> > follow
> > that pattern.
>
----------------------------
IONA Technologies PLC (registered in Ireland)
Registered Number: 171387
Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland
