In this document I explore the effects of selected web services security policies on SOAP message exchange in the GlassFish ESB v2.x.

This is a work-in-progress document, now at rev 0.4.1.

To provide early access I intend to release revisions of this document as significant new sections become available.

Rev 0.1: Content
? Assumptions and Notes
? Person Service XML Schema and WSDL Interface
? Common XML Project
? PersonSvc BPEL Module
? PersonCli BPEL Module
? JBI-based Person Service ? Plain End-to-End
? JBI-based Person Service ? SSL with Server-side Authentication

Rev 0.2: Additional Content
? JBI-based Person Service ? SSL with Mutual Authentication (broken)
? EJB-based Person Service ? No security
? EJB-based Person Service ? SSL with Server-side Authentication

Rev 0.3: Additional Content
? EJB-based Person Service ? SSL with Mutual Authentication
? JBI-based Person Service - Exploring WS-Addressing

Rev 0.4: Additional and Changed Content
? Modified sections 5.8 and 5.9 (SSL Server side and mutual authentication)
? Using WS-Addressing for Explicit Dynamic Routing
? Pre-requisite Cryptographic Objects [TBC]
? Upgrading Metro to version 1.5 [TBC]
? Username Token Profile 1.0 (2004) Policy [TBC]

More in CH05_WSSecurityExploration_r0.4.1.pdf at http://mediacast.sun.com/users/Micha....1.pdf/details

The archive, CH05_WSSecurityExploration_r0.4.1.zip, containing all projects developed so far is to be found at http://mediacast.sun.com/users/Micha....1.zip/details.






More...