WS-Security, WSE and other standards

I had good feedback on my last post regarding WS-Security.  My project is not “real-world” in that it is just academic - my learning project. I wanted to explore WebService life beyond the VS.NET wizard so I'm doing all kinds of things that I wouldn't necessarily do in real life.

Some of the objects of this project are:

  • Find something interesting enough that I will pursue it on my own time.
  • Go beyond the basic VS.NET wizard generated “RPC“ like webservices
  • Learn more WSDL and how to extend it
  • Message based webservices using industry standard schemas and wsdl.
  • UDDI
  • Learn WS-XYZ standards - at the WS-Security, WS-Attachment level
  • I would really like to get a handle on “best practices“ - part of standards I hope.
  • Interop with Java, other clients and web services.   The WS-I basic profile stuff.
  • ... more

I think that I'm doing fairly well. I get stuck on certain things and then make a jump forward.  

Published Thursday, September 11, 2003 11:28 AM by cloudycity

Comments

# re: WS-Security, WSE and other standards

Enthusiasm! I love it!

While the WS-* specifications are important, some warrant more study than others. Specifically, I believe WS-Addressing and the policy framework (WS-Policy, WS-PolicyAttachments, WS-SecurityPolicy) are vital to form and function.

I find that some of the "best practices" you describe are documented in the "Security Considerations" sections of various specifications (see WS-Addressing, WS-Policy, et al.).

Oh, and stop by the WSE newsgroup. There are some good discussions to be had. :-)

Friday, September 12, 2003 12:39 AM by John Bristowe

# re:WS-Security, WSE and other standards

^_^,Pretty Good!

Sunday, April 10, 2005 10:15 AM by TrackBack

# re:WS-Security, WSE and other standards

^_~,pretty good!

Sunday, April 17, 2005 8:22 AM by TrackBack

Leave a Comment

(required) 
(required) 
(optional)
(required)