Today's Page Hits: 45
This page validates as XHTML 1.0, and will look much better in a browser that supports web standards, but it is accessible to any browser or Internet device. It was created using techniques detailed at glish.com/css/.
Web Services Interoperability Plugfest
We participated the latest Web Services Interoperability Plugfest hosted in Microsoft last week. Harold has a detailed report of the testing result in his blog.
This is the fourth time I have been to Redmond for the Plugfests. I was focused on the WS-SX scenarios this time. WS-SX covers Oasis standard versions of
WS-Trust1.3, WS-SecureConversation1.3 and WS-SecurityPolicy1.2. W3C standards WS-Policy 1.5 as well as WS-Addressing 1.0 are also used in the tests.
The testing scenarios are rather comprehensive which conver various combinations of the following:
Protection:
1. TransportBinding where SSL is used to protect the messages.
2. SymmetricBinding with X509Token of the server
3. AsymmetricBinding with X509Tokens of the client and the server
Client Authentication Token:
1. Usernam/Password
2. X509 certificate
Issued Tokens from STS:
1. Token Type: SAML 1.1
2. Proof Key Type:
2.1 Symmetric Key
2.2 Public Key with Client X509 certificate
2.3 Optionally Public Key with ephemeral RSA key pairs from the client
2.4 No proof key with Bearer key type
Bootstrap client authentication token for Secure Conversation:
1. X509 certificate
2. Issued Token from an STS
For secure conversation, we tested both the issuance and the cancellation bindings.
As reported by Harold, we have successfully passed most of the testing scenarios.
The only remaining issue is that we have not completed the support of KeyValueToken for use with issued token of public proof key type with ephemeral RSA key pairs.
Posted at 11:25AM Nov 14, 2007 by jiandongg in Sun | Comments[0]