RE: SOAP applications ?

[Anne Thomas Manes]

All the folks concentrating on workflow would disagree with you on this point.   There'a a lot of work going on right now that will solve the single sign-on problem.   OASIS SAML (Security Assertions Markup Language provides a standard XML format that you can use to express and exchange authentication assertions and authorization decisions. (see http://www.oasis-open.org/committees/security/)   OASIS XACML (Extensible Access Control Markup Language) provides a standard XML data exchange format for access control policies. (see http://www.oasis-open.org/committees/xacml/)   WS-Security (a spec from IBM, Microsoft, and Verisign) defines mechanisms to exchanges security tokens (such as X.509 certificates, Kerberos tickets, and SAML assertions) within a SOAP header, a way to delegate these security credentials through any number of hops or intermediaries, a way to digitally sign all or part of a message, and a way to exchange information needed to decrypt the signed data. (see http://msdn.microsoft.com/ws-security/)   Anne    -----Original Message----- From: Shashi Anand [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 14, 2002 8:35 AM To: [EMAIL PROTECTED] Subject: RE: SOAP applications ? What I get is SOAP applications always will be call to set of methods which are not interrelated. If a system has to be developed where a user logs in, does some sequence of interrelated operations and logs out. In such kind of scenario SOAP wont be a good choice.   SOAP will be useful to expose individual methods as SOAP calls.   Shashi Anand -------Original Message-------   From: [EMAIL PROTECTED] Date: Tuesday, May 14, 2002 17:50:37 To: [EMAIL PROTECTED] Subject: RE: SOAP applications ?   A SOAP or web service application is a distributed application. It makes calls to servers that you either control yourself (such as an interface to a legacy system), that are controlled by your business partners, or that provide a public information service (like zip code services). SOAP is just one way to make these calls. You build an application treating each web service as if it were just a local component. What's nice is that you can also take any information source and put a web service wrapper around it. By exposing this source as web service, you and anyone else has a well-known, cross-platform, high-level way of calling methods to retrieve data from this source-- SOAP. One simple application that could be built in this manner would be a vacation planner. You could combine weather services, map services, and a seach engine all through web services. Punch in the zip code of where you are and where you are going and voila- out comes a map, the weather report, and some search engine results on what to do once you get there. www.xmethods.com <http://www.xmethods.com> has a weather service (and many other service useful for testing), google has created a web service exposing their search engine, and for a map service you can just wrap yahoo or mapquest in a simple web service wrapper if it hasn't already been done. Erich Izdepski Senior Software Engineer Cysive, Inc. -----Original Message----- From: Shashi Anand [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 14, 2002 1:09 AM To: [EMAIL PROTECTED] Subject: SOAP applications ? Hi, What could be SOAP applications in real world ? In other words how to decide whether SOAP could be solution to some scenarios. Thanks Shashi Anand .