[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

RE: Blended Authentication (AKA "Granular Access Control")


RE:  Blended Authentication (AKA "Granular Access Control")
 

> 
> -----Original Message-----
> From: Chiusano Joseph [mailto:chiusano_joseph@b...] 
> Sent: Wednesday, May 07, 2003 10:06 AM
> To: Rich Salz
> Cc: xml-dev@l...
> 
> <Quote>
> User1 authenticates to A and "delegates" its rights so that A 
> can present its rights, and the delegated User1 rights to B. 
> </Quote>
> 
> That works well from the perspective of A (the sender side) 
> because it asserts that A has the proper claims to access B 
> (this appears to me to be more of a "push" method). But what 
> if B does not consider A to be a valid user? How can B enforce this?
> 
> Also, what about a more granular level, such as at a WSDL 
> Operation or Message level?

Take a look at the WS-Security specs from IBM, Microsoft, et.al.  I believe
they cover your scenario fairly well.  In particular, look at the WS-Trust
spec:
http://msdn.microsoft.com/webservices/default.aspx?pull=/library/en-us/dnglo
bspec/html/ws-trust.asp



PURCHASE STYLUS STUDIO ONLINE TODAY!

Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Buy Stylus Studio Now

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Don't miss another message! Subscribe to this list today.
Email
First Name
Last Name
Company
Subscribe in XML format
RSS 2.0
Atom 0.3
 

Stylus Studio has published XML-DEV in RSS and ATOM formats, enabling users to easily subcribe to the list from their preferred news reader application.


Stylus Studio Sponsored Links are added links designed to provide related and additional information to the visitors of this website. they were not included by the author in the initial post. To view the content without the Sponsor Links please click here.

Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member
Stylus Studio® and DataDirect XQuery ™are products from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2013 All Rights Reserved.