Part III. Enterprise SOA security


In the final part of this book, we discuss how you can combine the building blocks you learned in part II to construct SOA security services in an enterprise.

Part III consists of chapters 8, 9, and 10.

In chapter 8, we show how you can offer SOA security as a service in an enterprise. You will learn about Security Assertion Markup Language (SAML), WS-Trust, WS-Addressing, and Application-Oriented Networking (AON). These are technologies that are evolving to help you offer security as a horizontal service shared by many applications. We will also show you an example security service in action, built with Apache Axis and OpenSAML, an open source SAML library.

In chapter 9, we will show you how to codify security policies to enable declarative security and enhance interoperability. WS-Policy and WS-SecurityPolicy will be introduced in this chapter.

In chapter 10, we discuss the real-world issues you need to tackle when implementing SOA security in an enterprise. As with any other real-world design problem, there is no “one size fits all” SOA security architecture, so for each issue we lay out the choices you have to make and the trade-offs behind them. Deployment architectures and XML vulnerability management are two of the important topics covered in this chapter.

Chapter 8. Implementing security as a service

This chapter covers

  • SAML assertions
  • OpenSAML
  • WS-Trust and SAML protocol

8.1. Security as a service

8.2. Analyzing possible uses of a security service

8.3. Conveying the findings of a security service: SAML

8.4. Example implementation using OpenSAML

8.5. Standards for security service interfaces

8.6. Summary

Suggestions for further reading

Chapter 9. Codifying security policies

9.1. Introducing declarative security

9.2. Interoperability challenges in SOA security

9.3. Web services policy framework

9.4. WS-SecurityPolicy

9.5. Summary

Suggestions for further reading

Chapter 10. Designing SOA security for a real-world enterprise

10.1. Meeting the demands of enterprise IT environments

10.2. Securing diverse services

10.3. Choosing a deployment architecture

10.4. Making the solution industrial-strength

10.5. Vulnerability management

10.6. Summary

Suggestions for further reading
