IL GON KIM wrote:
I am studying on WS-Security and have a question about it.
As far as I understand it, WS-Security defines security elements in
header part of the SOAP messages, by combining WS-Signature and
WS-Encryption standards.
I think it is possible to define security elements in body
You will have to look at the feasibility of putting
everything in the body as well as achieving SOAP
intermediary functionality.
WS-Security is an elegant and generalized solution.
The concept of security tokens pertains to username ,
X.509, or SAML tokens. For encryption, having
EncryptedKey sepa
Davanum Srinivas wrote:
my 2 cents, whatever is in the soap body is destined for the
application that consumes/needs the soap request/response. the header
is a location where intermediate nodes or the soap engine(s) at the
end can add custom information independent of the application that
sends/
my 2 cents, whatever is in the soap body is destined for the
application that consumes/needs the soap request/response. the header
is a location where intermediate nodes or the soap engine(s) at the
end can add custom information independent of the application that
sends/receives the soap request/r
I am studying on WS-Security and have a question about it.
As far as I understand it, WS-Security defines security elements in
header part of the SOAP messages, by combining WS-Signature and
WS-Encryption standards.
I think it is possible to define security elements in body part of the
SOAP m
