New WS-SecurityPolicy published

Much of the last year of my life has been spent working on the WS-SecurityPolicy spec, which was republished today. This version is significantly different from the previous one. Here are the highlights:
 
  • Formalized notion of a security binding
  • Specific bindings for transport level security and both symmetric and asymmetric key based message level security
  • Support for many different token types including federated tokens
  • Mechanism for specifying additional tokens
  • Support for specifying various WSS 1.0, WSS 1.1 and WS-Trust options

Posted Jul 13 2005, 03:13 AM by martin-gudgin

Comments

Christopher Steen - Learning .NET wrote Link Listing - July 14, 2005
on 07-13-2005 7:15 AM

August 2005 issue of MSDN Magazine now online [Via: toub]
Breaking News: New Microsoft Certification...
Julie Lerman Blog wrote Keeping up with the Joneses #1
on 07-15-2005 1:40 AM
Edson Camargo wrote re: New WS-SecurityPolicy published
on 02-07-2006 8:26 PM
Hi Martin,

My name is Edson, I am a master's degree student and my research includes the development of a web service application.

I have a doubt about the WS-SecurityPolicy specification. I think that you can help me :o)

Let's assume the scenario where a relying party defined in your WSDL needs a SAML token issued by an STS (WS-Trust). So, I think that the policy in the WSDL should be thus:

Syntax:
<wsp:Policy>
  <sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
    <sp:Issuer>
      <EndpointReference xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">
        <Address>http://AdressOfTheSTS.com</Address>
      </EndpointReference>
    </sp:Issuer>
    <sp:RequestSecurityTokenTemplate>
      <!-- Policy defined by the Service for the STS -->
      <wst:TokenType>urn:oasis:names:tc:SAML:1.1</wst:TokenType>
      <wst:KeyType>http://schemas.xmlsoap.org/ws/2004/04/trust/SharedKey</wst:KeyType>
    </sp:RequestSecurityTokenTemplate>
  </sp:IssuedToken>
</wsp:Policy>

The SAML token could include an authentication statement, authorization statement or attribute statement. Let's suppose that the service needs an authorization statement or client attribute issued by the STS in the SAML token. So, the question is: how to express this policy for the STS?

Thanks in advance,

Edson
Master Degree Student
LCMI / DAS / UFSC
88.040-900 - Brazil - Florianópolis - SC
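
Added example, not part of the original post or of the comment above: how a requester can consume the sp:IssuedToken assertion shown in the comment, reading the issuer address and copying the children of sp:RequestSecurityTokenTemplate into the RequestSecurityToken it sends to the STS. The wsp and wst namespace URIs, the function names and the sample document are assumptions, since the posted fragment declares no prefixes.

```python
import copy
import xml.etree.ElementTree as ET

# The sp and wsa namespaces appear in the comment above; wsp and wst are
# assumed, because the posted fragment never declares its prefixes.
NS = {
    "wsp": "http://schemas.xmlsoap.org/ws/2004/09/policy",
    "sp": "http://schemas.xmlsoap.org/ws/2005/07/securitypolicy",
    "wsa": "http://schemas.xmlsoap.org/ws/2004/08/addressing",
    "wst": "http://schemas.xmlsoap.org/ws/2005/02/trust",
}
DECLS = " ".join('xmlns:%s="%s"' % kv for kv in NS.items())

# Constructed sample: the commenter's policy, with prefixes declared.
POLICY = """<wsp:Policy %s>
 <sp:IssuedToken sp:IncludeToken="%s/IncludeToken/AlwaysToRecipient">
  <sp:Issuer><wsa:EndpointReference>
   <wsa:Address>http://AdressOfTheSTS.com</wsa:Address>
  </wsa:EndpointReference></sp:Issuer>
  <sp:RequestSecurityTokenTemplate>
   <!-- Policy defined by the Service for the STS -->
   <wst:TokenType>urn:oasis:names:tc:SAML:1.1</wst:TokenType>
   <wst:KeyType>http://schemas.xmlsoap.org/ws/2004/04/trust/SharedKey</wst:KeyType>
  </sp:RequestSecurityTokenTemplate>
 </sp:IssuedToken>
</wsp:Policy>""" % (DECLS, NS["sp"])

def read_issued_token(policy_xml):
    """Return issuer address, token-inclusion mode and template children."""
    tok = ET.fromstring(policy_xml).find(".//sp:IssuedToken", NS)
    if tok is None:
        raise ValueError("no sp:IssuedToken assertion in policy")
    tmpl = tok.find("sp:RequestSecurityTokenTemplate", NS)
    if tmpl is None:
        raise ValueError("sp:IssuedToken lacks RequestSecurityTokenTemplate")
    addr = tok.find("sp:Issuer//wsa:Address", NS)  # Issuer is optional
    mode = tok.get("{%s}IncludeToken" % NS["sp"], "")
    return {
        "issuer": (addr.text or "").strip() if addr is not None else None,
        "include_token": mode.rsplit("/", 1)[-1] or None,
        "template": list(tmpl),  # element children only; comments are dropped
    }

def build_rst(info):
    """Copy the template's children into the RST the client sends to the STS."""
    rst = ET.Element("{%s}RequestSecurityToken" % NS["wst"])
    rst.extend([copy.deepcopy(el) for el in info["template"]])
    return rst
```

Whatever the service wants the STS to issue reaches the STS only through the elements placed inside the template, which is why the copy step is the part worth checking when a policy does not produce the expected token.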
