1 WS-Policy. 2 What’s the Problem? To use a web service a client needs more information than is provided in WSDL file. Examples: –Does service support.

Slides:



Advertisements
Similar presentations
On and use=document|rpc, style=literal|encoded A personal opinion Sanjiva Weerawarana IBM Research September 9-11, 2002.
Advertisements

April 23, XKMS Requirements Update Frederick Hirsch, Mike Just April 23, 2002 Goals Requirements Summary –General, Security Last Call Issues –For.
® IBM Software Group © IBM Corporation WS-Policy Attachment- spec overview Maryann Hondo IBM.
WS-Policy Brian Garback. 2 Agenda  Introduction  Domain Terminology  Policy Expressions  Policy Assertions  Policy Attachments  Conclusion  Policy.
What is XML? a meta language that allows you to create and format your own document markups a method for putting structured data into a text file; these.
WS – Security Policy Prabath Siriwardena Director, Security Architecture.
WSDL SC 10 th WSRP F2F, Washington DC, Nov 2004 Andre Kramer.
SOAP & Security IEEE Computer Society Utah Chapter Hilarie Orman - Purple Streak Development Tolga Acar - Novell, Inc. October 24, 2002.
SOAP.
CIS 375—Web App Dev II SOAP.
SOAP SOAP is a protocol for accessing a Web Service. SOAP stands for Simple Object Access Protocol * SOAP is a communication protocol * SOAP is for communication.
Web Services Seminar: Service Description Languages
Web Services Darshan R. Kapadia Gregor von Laszewski 1http://grid.rit.edu.
SOA and Web Services. SOA Architecture Explaination Transport protocols - communicate between a service and a requester. Messaging layer - enables the.
Grid Computing, B. Wilkinson, 20043a.1 WEB SERVICES Introduction.
3d.1 More on XML XML Schema Definition Language (XSD)
WS-PolicyNegotiate A Web Service Standard for Policy Negotiation by Nicholis Bufmack.
CSE 636 Data Integration Web Services.
ΗΛΕΚΤΡΟΝΙΚΟ ΕΜΠΟΡΙΟ Web Services Overview Mary Grammatikou 9/06/2009.
WSDL Web Services Description Language Neet Wadhwani University of Colorado 3 rd October, 2001.
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
1 Web Services Security XML Encryption, XML Signature and WS-Security.
Service-Oriented Programming
TP2653 Adv Web Programming SOAP and WSDL. SOAP Simple Object Access Protocol – Lightweight XML-based messaging protocol – A protocol for accessing a Web.
Constraints and Capabilities Workshop Oracle Position Ashok Malhotra Greg Pavlik.
Aalborg University – Department of Production XML Extensible Markup Language Kaj A. Jørgensen Aalborg University, Department of Production XML – Extensible.
Security COMP6017 Topics on Web Services Dr Nicholas Gibbins –
XP 1 CREATING AN XML DOCUMENT. XP 2 INTRODUCING XML XML stands for Extensible Markup Language. A markup language specifies the structure and content of.
Web Services and HL7v3 in IHE profiles Vassil Peytchev Epic.
XML Overview. Chapter 8 © 2011 Pearson Education 2 Extensible Markup Language (XML) A text-based markup language (like HTML) A text-based markup language.
Web Services (SOAP, WSDL, and UDDI)
WEB SERVICE DESCRIPTION LANGUAGE ( WSDL) -SIVA SAGAR TELLA.
 XML is designed to describe data and to focus on what data is. HTML is designed to display data and to focus on how data looks.  XML is created to structure,
Web Services Security Standards Overview for the Non-Specialist Hal Lockhart Office of the CTO BEA Systems.
XML – An Introduction Structured Data Mark-up James McCartney CSCE 590, Cluster and Grid Computing.
Web Services Standards. Introduction A web service is a type of component that is available on the web and can be incorporated in applications or used.
XML Web Services Architecture Siddharth Ruchandani CS 6362 – SW Architecture & Design Summer /11/05.
WS-Security Protocol Ramkumar Chandrasekharan CS 265.
Secure Systems Research Group - FAU Patterns for Web Services Security Standards Presented by Keiko Hashizume.
XML Basics A brief introduction to XML in general 1XML Basics.
XML and Web Services (II/2546)
WS-Security Additional Material. Security Element: enclosing information n UsernameToken block u Defines how username-and-password info is enclosed in.
Internet & World Wide Web How to Program, 5/e. © by Pearson Education, Inc. All Rights Reserved.2.
Kemal Baykal Rasim Ismayilov
Introduction to Web Services. SOAP SOAP originally stood for "Simple Object Access Protocol". Web Services expose useful functionality to Web users through.
David Orchard W3C Lead BEA Systems Web service and XML Extensibility and Versioning.
Leveraging Web Service Security Standards Richard Jacob WSRP F2F LA, March, 2004.
Introduction to Web Services Presented by Sarath Chandra Dorbala.
Lecture VI: SOAP-based Web Service CS 4593 Cloud-Oriented Big Data and Software Engineering.
1 G52IWS: Web Services Description Language (WSDL) Chris Greenhalgh
Web Services Blake Schernekau March 27 th, Learning Objectives Understand Web Services Understand Web Services Figure out SOAP and what it is used.
CIS 228 The Internet 9/20/11 XHTML 1.0. “Quirks” Mode Today, all browsers support standards Compliant pages are displayed similarly There are multiple.
Web Services. XML Namespaces, Schemas XML processing. Week 2.
From Coulouris, Dollimore, Kindberg and Blair Distributed Systems: Concepts and Design Edition 5, © Addison-Wesley 2012 Slides for Chapter 9 Web Services.
Service Description: Addressing & Policy COMP6017 Topics on Web Services Dr Nicholas Gibbins –
August 3, 2004WSRP Technical Committee WSRP v2 leveraging WS-Security 1. Motivation 2. WS-Securtiy Roadmap and Status 3. WSRP Use Cases 4. Strawman/Issues.
Florida Atlantic University Department of Electrical and Computer Engineering &Computer Science ( ECECS ) &Computer Science ( ECECS ) Security Systems.
XML BASICS and more…. What is XML? In common:  XML is a standard, simple, self-describing way of encoding both text and data so that content can be processed.
CIS 228 The Internet 9/20/11 XHTML 1.0.
G52IWS: Extensible Markup Language (XML)
WS-Policy Brian Garback Department of Computer Science
Web Service Metadata Exchange
Techniques to Invoke Web Services from SAS
Presentation transcript:

1 WS-Policy

2 What’s the Problem? To use a web service a client needs more information than is provided in WSDL file. Examples: –Does service support WS-Security? If so: What encryption algorithm does it expect (or prefer)? Must messages be signed? –What character encoding is used? –What version of SOAP is supported? A policy is a set of conditions expected by a service. WS-Policy provides an XML based declarative mechanism for expressing a policy that can be –integrated with WSDL or attached as a tModel in UDDI –enforced by web services infrastructure

3 Policy Expression A policy expression is a set of policy assertions A policy assertion expresses a specific characteristic of a service –Standard sets of assertions are defined (as schemas) –Others will be developed A policy subject is the resource described by a policy assertion A policy attachment binds an expression to a subject –Separate standard: WS-PolicyAttachment –Defines how to reference WS-Policy expressions from XML documents (e.g., WSDL, UDDI)

4 Policy Expression <wsp:Policy xmlns:wsp=“…policy ns…” xmlns:wsu=“…utility ns…” wsu:Id=“…URI …” Name=“…local_name…” targetNamespace=“target” > expression can be referred to with URI or as {target}local_name

5 Policy Assertion tag from a particular (presumably standard) assertion namespace attributes defined in WS-Policy possible values: -Required -Rejected -Optional -Others… if several alternatives are allowed, then preference is expressed as a number between 0 and 100 Extensibility: Policies in different areas will be standardized and introduced through unique namespaces

6 Example <wsp:Policy xmlns:wsp=“…wspolicy ns…” xmlns:wsse=“…securityPolicy ns…” > wsse:Kerberosv5ST standard for security policy is WS-SecurityPolicy assertions

7 Example <wsp:Policy xmlns:wsp=“…wspolicy ns…” xmlns:wsse=“…securityPolicy ns…” > wsse:Kerberosv5ST operators: All ExactlyOne OneOrMore (nesting allowed)

8 WS-PolicyAssertions Standard for general policy assertions: –Character encoding –Natural language –Specification version –Constraint on message structure Default is Xpath expression count(wsp:GetHeader(.)/wsse:Security) = 1 count(wsp:GetBody(.)/*) = 1 one security header block body has 1 child

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.