Chapter 9. Codifying security policies

This chapter covers

  • WS-Policy
  • WS-MetadataExchange and WS-PolicyAttachment
  • WS-Security Policy

In the previous chapter, which marked the beginning of part III, we began exploring how we can create an enterprise-class SOA security solution using the lessons from part II. As a first step, we looked at how to implement a shared security service that reduces the security enforcement burden on endpoints. That solution addresses only some of the challenges in enterprise security. We will address the remaining ones in this chapter and the next. In this chapter, we will focus on three challenges that can be addressed by adopting a declarative approach to security:

  1. Ease of development and administration There’s ...

Get SOA Security now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.