I’m interested in creating a Security Policy and attaching it to the services.
But I don’t know how to do and where to start. Could you provide some links or some terms involved. Thanks & Best regards Binh, Nguyen Thanh Cell phone: (+84)982260622 From: Luciano Resende [mailto:[email protected]] Sent: Friday, August 10, 2012 10:32 AM To: [email protected] Subject: Re: Need help on Big SCA Applications deployment strategy It seems that what you want is to provide some control on who can access the Tuscany services. You could handled that in few different ways, simply configuring authorization in the web application server for the service endpoint or more towards a SCA solution, you could create a Security Policy which would be attached to your services and prevent access of unauthorized users but that would require you to do some development on the infrastructure side On Thu, Aug 9, 2012 at 8:19 PM, binhnt22 <[email protected]> wrote: Thank you very much, Lresende One more question about security, if you don’t mind. As I said before, the legacy systems communicate through a central database with encrypted hibernate.cfg.xml and a good network policy. But pairing with Tuscany, most of the communication points will be exposed through web service (intranet). And I think that’s a problem. Can you share some knowledge? How those systems talk to each other in a well-defense environment? Prevent anyone without the authorization from accessing those web services. Best regards Binh, Nguyen Thanh Cell phone: (+84)982260622 -- Luciano Resende http://people.apache.org/~lresende http://twitter.com/lresende1975 http://lresende.blogspot.com/
