Chapter 9. Codifying security policies
This chapter covers
- WS-MetadataExchange and WS-PolicyAttachment
- WS-Security Policy
In the previous chapter, which marked the beginning of part III, we began exploring how we can create an enterprise-class SOA security solution using the lessons from part II. As a first step, we looked at how to implement a shared security service that reduces the security enforcement burden on endpoints. That solution addresses only some of the challenges in enterprise security. We will address the remaining ones in this chapter and the next. In this chapter, we will focus on three challenges that can be addressed by adopting a declarative approach to security:
- Ease of development and administration There’s ...