WSE3.0 Building Web Service Security (1) WSE3.0 security mechanism and instance development

Following the "WCF Distributed Application Development Essentials" series, after a week, I prepared articles on how to use WSE3.0 for Web service Security Development-"WSE3.0 building Web Services Security," and write it to share. The 4th section of the WCF Distributed Application Development Essentials Series Web Services already involves Web services security issues. This series is still an article on the finishing and learning of previous technologies. I have also harvested a lot in the process of tidying up and have a new understanding of the security mechanism of the whole WSE3.0. Regardless of the master or rookie, I hope you can learn from my series of articles in the harvest. So let's get together and learn the first article of this series: WSE3.0 security mechanism and example development.

All articles are divided into 5 sections:

Introduction to 1.WSE3.0 Framework

2. Basic Security Concepts

3. Download and install

4. Code implementation and analysis

5. Summary.

Many reference articles on the Internet are not systematic enough to introduce the security development of WSE. Often there is no code, or there is code but can not run. Finally, I will release the example code of the article as usual. and includes a detailed comment.

Here we go into today's formal study.

"1". Introduction to WSE3.0 Framework

The WSE3.0 full name is Web Services Enhancements 3.0. is a security implementation platform for Web service launched by Microsoft, including for security authentication and encryption of specific class libraries. Many of the security implementations of WSE3.0 can find shadows in the WCF framework. Webserivice 2.0 supports WS-I Basic profile 1.1 and SOAP 1.2. This means that it supports XML 1.0, XML Schema Definition (XSD), Web Services Description Language (WSDL), SOAP 1.1, SOAP 1.2, and basic configuration file conformance validation at compile time. WSE 3.0 complements the functionality of Webserivice 2.0 by providing support for some of the more advanced ws-* protocols.

So we typically use WSE 3.0 to enhance webserivice security. WSE3.0 frequently used features include the following four aspects:

(1) Message based security (ws-security): Support for ws-* protocol

(2) Efficient binary data transmission (MTOM): Message transmission optimization mechanism messages transmission optimization mechanism

(3) Optional hosting environment (host): implementation of multiple host programs, support for external IIS hosting

(4) Customizing the declarative Policy Pipeline (Policy): Customizing the policy according to the needs of the user

First, WSE 3.0 supports the ws-* protocol. It is published jointly by IBM, Microsoft, and Verisign and is a specification of Web service security (Web Services security,ws-security), which provides a set of mechanisms to help Web service developers protect SOAP message exchanges. This specification has been accepted by OASIS, and a new Web Services Technical Committee (Web Service Technical committee,the WSS TC) has been formed to make ws-security an open standard. The conceptual protocol stack prescribes additional elements that are important for building security in Web services. The three new sections in the roadmap, two elements in the policy layer, and one element in the Union layer (as shown in the figure)