Chapter 3. Extending SOAP for security

This chapter covers

  • Extending SOAP with Headers
  • WS-Security with JAX-RPC handlers
  • SOAP intermediaries and WS-Addressing

Chapters 1 and 2 provided the background needed to start exploring SOA security. In chapter 1, you learned the basics of SOA and how it impacts security by lowering the barriers between applications. In chapter 2, you reviewed the basics of the most popular approach to realizing SOA—creating and consuming SOAP-based web services. What you have not seen yet is how SOAP can address the security concerns expressed in chapter 1.

SOAP does not address any security issues directly. In fact, it does not directly address other common requirements such as reliability or transactionality, either. ...

Get SOA Security now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.