Chapter 3. Extending SOAP for security
This chapter covers
- Extending SOAP with Headers
- WS-Security with JAX-RPC handlers
- SOAP intermediaries and WS-Addressing
Chapters 1 and 2 provided the background needed to start exploring SOA security. In chapter 1, you learned the basics of SOA and how it impacts security by lowering the barriers between applications. In chapter 2, you reviewed the basics of the most popular approach to realizing SOA—creating and consuming SOAP-based web services. What you have not seen yet is how SOAP can address the security concerns expressed in chapter 1.
SOAP does not address any security issues directly. In fact, it does not directly address other common requirements such as reliability or transactionality, either. ...