Hi Yannick, On Tue, Jul 8, 2008 at 1:38 AM, yannick guionnet <[EMAIL PROTECTED]> wrote:
> Why security is not adressed in Integration layer ? We've recently done some work towards having more security integration in the IL (mostly Axis2). It should soon be possible to setup Axis2 with Rampart and send/receive secured messages using WS-Security on a per-endpoint basis, for example. Related to security at the BPEL level, I hope to publishing a spec soonish related to security assertions in BPEL invoke/receives. > Otherwise what is your plan/roadmap about security ? Speaking for myself and not the project at large, it would go roughly as: 1) Finish WS-Security integration in the IL 2) Publish spec and implement security assertions in BPEL 3) Implement BPEL4People extensions It's also good to note that Tempo already fulfills many security needs via loose integration, and you can use HTTPS or other secured transports (e.g. JMS) as well. alex
