
Much of the last year of my life has been spent working on the WS-SecurityPolicy spec, which was republished today. This version is significantly different from the previous one. Here are the highlights:
- Formalized notion of a security binding
- Specific bindings for transport level security and both symmetric and asymmetric key based message level security
- Support for many different token types including federated tokens
- Mechanism for specifying additional tokens
- Support for specifying various WSS 1.0, WSS 1.1 and WS-Trust options
posted on Wednesday, July 13, 2005 3:13 AM
-
# Link Listing - July 14, 2005
Posted @ 7/13/2005 10:15 PM
August 2005 issue of MSDN Magazine now online [Via: toub ] Breaking News: New Microsoft Certification...
-
# Keeping up with the Joneses #1
Posted @ 7/15/2005 4:40 PM
-
# re: New WS-SecurityPolicy published
Posted @ 2/8/2006 11:26 AM
Hi Margin,
My name is Edson. I am a master's degree student and my research includes the development of a web service application.
I have a doubt about the WS-SecurityPolicy specification. I think that you can help me :o)
Let's assume the scenario where a relying party defined in your WSDL needs a SAML token issued by an STS (WS-Trust). So, I think that the policy in the WSDL should be thus:
Syntax:
<wsp:Policy>
  <sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
    <sp:Issuer>
      <EndpointReference xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">
        <Address>http://AdressOfTheSTS.com</Address>
      </EndpointReference>
    </sp:Issuer>
    <sp:RequestSecurityTokenTemplate>
      <!-- Policy defined by the Service for the STS -->
      <wst:TokenType>urn:oasis:names:tc:SAML:1.1</wst:TokenType>
      <wst:KeyType>http://schemas.xmlsoap.org/ws/2004/04/trust/SharedKey</wst:KeyType>
    </sp:RequestSecurityTokenTemplate>
  </sp:IssuedToken>
</wsp:Policy>
The SAML token could include an authentication statement, authorization statement or attribute statement. Let's suppose that the service needs an authorization statement or client attribute issued by the STS in the SAML token. So, the question is: how to express this policy for the STS?
Thanks in advance,
Edson
Master Degree Student
LCMI / DAS / UFSC
88.040-900 - Brazil - Florianópolis - SC
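An added example, not part of the post or the comment above: how a client could read the `sp:IssuedToken` assertion from the comment's scenario and copy the contents of `sp:RequestSecurityTokenTemplate` into the request it sends to the STS. The `wsp` and `wst` namespace URIs, the function names and the requirement that an issuer address be present are assumptions made for this sketch.

```python
import copy
import xml.etree.ElementTree as ET

# "sp" and "wsa" URIs appear in the comment's snippet; the "wsp" and "wst" URIs
# are assumptions, because the snippet never declares those prefixes.
NS = {
    "wsp": "http://schemas.xmlsoap.org/ws/2004/09/policy",
    "sp": "http://schemas.xmlsoap.org/ws/2005/07/securitypolicy",
    "wsa": "http://schemas.xmlsoap.org/ws/2004/08/addressing",
    "wst": "http://schemas.xmlsoap.org/ws/2005/02/trust",
}

# The comment's policy, with prefixes declared and EndpointReference closed.
POLICY = f"""<wsp:Policy xmlns:wsp="{NS['wsp']}" xmlns:sp="{NS['sp']}" xmlns:wst="{NS['wst']}">
 <sp:IssuedToken sp:IncludeToken="{NS['sp']}/IncludeToken/AlwaysToRecipient">
  <sp:Issuer><EndpointReference xmlns="{NS['wsa']}">
   <Address>http://AdressOfTheSTS.com</Address>
  </EndpointReference></sp:Issuer>
  <sp:RequestSecurityTokenTemplate>
   <wst:TokenType>urn:oasis:names:tc:SAML:1.1</wst:TokenType>
   <wst:KeyType>http://schemas.xmlsoap.org/ws/2004/04/trust/SharedKey</wst:KeyType>
  </sp:RequestSecurityTokenTemplate>
 </sp:IssuedToken>
</wsp:Policy>"""


def read_issued_token(policy_xml):
    """Return (STS address, IncludeToken URI, template child elements)."""
    root = ET.fromstring(policy_xml)  # raises ET.ParseError on unclosed tags
    token = root.find(".//sp:IssuedToken", NS)
    if token is None:
        raise ValueError("no sp:IssuedToken assertion in policy")
    address = token.findtext("sp:Issuer/wsa:EndpointReference/wsa:Address", None, NS)
    template = token.find("sp:RequestSecurityTokenTemplate", NS)
    if not address or template is None:
        raise ValueError("this example expects an Issuer address and a template")
    return address.strip(), token.get(f"{{{NS['sp']}}}IncludeToken"), list(template)


def build_rst(template_children):
    """Copy the template's children into the RequestSecurityToken for the STS."""
    rst = ET.Element(f"{{{NS['wst']}}}RequestSecurityToken")
    rst.extend([copy.deepcopy(child) for child in template_children])
    return rst


if __name__ == "__main__":
    sts, include, children = read_issued_token(POLICY)
    print("Ask", sts, "for a token; include rule:", include)
    print(ET.tostring(build_rst(children), encoding="unicode"))
```

The relying party's policy only carries the template; the client does not need to interpret its children, it forwards them to the issuer named in `sp:Issuer`.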