Additional Blogs by SAP
cancel
Showing results for 
Search instead for 
Did you mean: 
MartinRaepple
Active Participant
0 Kudos

In my WS-I Sample Application Blog Series: Web Service Implementation Strategy of the   WS-I Sample App Blog series, I provided some insight into advanced Web Service programming techniques that we used to   implement SAP’s new WS-I Sample Application on the WebAS Java Stack. Since the new Sample Application has been redesigned   primarily to support the new WS-I Basic Security Profile (BSP) 1.0, security plays an important role in this blog series and   will be the main focus of this part.

What to expect from this installment

Consequently, we'll start with the security requirements as analyzed in the WS-I SCM (Supply Chain Management) Security Architecture document, which describes the overall   architecture and design of the Sample Application including the security risks. The main part of this installment will give   you an in-depth view of the security measures used to protect the application against the identified threats. This   includes

  • Design and implementation of the WS-I Security Templates
  • Design- and Runtime-configuration of WS-Security
  • Best practices for secure deployable proxy development

Recommended reading

Even though you do need to be a security expert for this part of our blog series, I recommend having at least a quick   look at the SDN Security   Standard pages. There you'll find a comprehensive overview regarding the relevant standards for security in Web   Services. In particular, I recommend the following documents:

If you want to learn more on the details of the WS-Security standard, please check out the WS-BPEL - SAP Developer Network (SDN) which provides all links to the respective specifications published by the OASIS standards   body.

Download the article

Like in the previous installment, the actual content of this blog is provided as a PDF article. Please continue to read the blog content here (PDF, 271k).