Cart
|
[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] RE: Blended Authentication (AKA "Granular Access Control")
 > > -----Original Message----- > From: Chiusano Joseph [mailto:chiusano_joseph@b...] > Sent: Wednesday, May 07, 2003 10:06 AM > To: Rich Salz > Cc: xml-dev@l... > > <Quote> > User1 authenticates to A and "delegates" its rights so that A > can present its rights, and the delegated User1 rights to B. > </Quote> > > That works well from the perspective of A (the sender side) > because it asserts that A has the proper claims to access B > (this appears to me to be more of a "push" method). But what > if B does not consider A to be a valid user? How can B enforce this? > > Also, what about a more granular level, such as at a WSDL > Operation or Message level? Take a look at the WS-Security specs from IBM, Microsoft, et.al. I believe they cover your scenario fairly well. In particular, look at the WS-Trust spec: http://msdn.microsoft.com/webservices/default.aspx?pull=/library/en-us/dnglo bspec/html/ws-trust.asp 
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! 
Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
|||||||||
