WS Security issues
- From: "Henrik Skak Pedersen" <hsp@xxxxxxxxxxxxxxxxx>
- Date: Wed, 1 Jun 2005 17:14:05 +0200
Hello,
I am working on a product when we are shipping a web service and a windows
client to several end-customers. The web service should be able to run
either on the inside or on the outside of their firewall. The same CD are
being sent to all customers, so it is not possible to modify anything from
customer to customer. The software should run directly after installation,
without obtaining certificates or anothing else.The clients are running on
Windows 2000 server and client, Windows XP and Windows Server 2003.
I have two demands:
1) All WS requests from the client needs to be authorized by AD. It should
be possible to log in using the current credentials or by specifying an user
name/password pair.
2) All WS requests from the client needs to be encrypted and signed
I have looked into X509SecurityToken, KerberosToken and UsernameToken. But I
just can't see how I solve this the the best way.
If I use X.509 for signing and encryption, then I guess that I have to
distribute the same certificate to all customers, which I guess not i a
smart idea.
I have read that the KerberosToken does not work for Windows 2000.
Any recommendations?
Regards
Henrik Skak Pedersen
.
- Follow-Ups:
- RE: WS Security issues
- From: Yedu
- RE: WS Security issues
- Prev by Date: SOAPException not marked as serializable?
- Next by Date: RE: WS Security issues
- Previous by thread: SOAPException not marked as serializable?
- Next by thread: RE: WS Security issues
- Index(es):
Relevant Pages
|
