Chapter 6. Protecting confidentiality of messages using encryption
This chapter covers
- Public key infrastructure
- JCE and Apache XML security
- Certificate authorities
In the preceding chapters, we’ve seen how to extend SOAP via headers. In particular, we saw how to add user credentials so that the application can determine whether the request came from a genuine user. We introduced various techniques to secure credentials so that they cannot be misused by any party listening over the wire or by the service providers themselves.
There is more to security than mere authentication. Imagine that you are requesting a brokerage firm to buy some shares using the funds you have in a bank account. The firm requires you to authenticate with username ...
Get SOA Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.