If you don't want to code to a security API such as WSE 2.0 and
thus hard-code the security loic and policy into your application,
then a better way is to use a security gateway aka XML firewall,
such as Xtradyne's Web Services DBC (WS-DBC).
The WS-DBC sits in the path of the messages and performs authen-
tication, authorization, transport security, auditing, and
content inspection (XPath filters, XML schema validation, virus
scanning of SOAP attachments). It supports security standards such
as WS-Security, SAML, XACML, XML encryption and digital signature,
etc. Policies are centrally managed using a powerful GUI, rather
than hard-wired in the code. Due to its excellent performance,
scalability and high-availability feature it is especially
suitable for enterprise settings.
Regards, Gerald.
--
Dr. Gerald Brose mailto:
[email protected]
Xtradyne Technologies
http://www.xtradyne.com
Schoenhauser Allee 6-7, Phone: +49-30-440 306-27
D-10119 Berlin, Germany Fax : +49-30-440 306-78