cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rajeev jha <jha.raj...@gmail.com>
Subject Re: why would you use ws-security with certificates?
Date Mon, 03 Nov 2008 19:16:13 GMT

Thanks a ton!
I believe that for our requirements probably apache-SSL is good enough.
There is only one target server , no intermediaries and transport is on HTTP
only. Only hiccup maybe passing some info from client cert to web service
code, like CN etc.  



dkulp wrote:
> 
> 
> As Glen stated, WS-Security really has it's place when dealing with 
> intermediaries and such that may need to do limitted processing and/or 
> routing.    Also, things like standard HTTP proxy servers can have issues 
> with transport level certs.
> 
> If you use transports other than HTTP, another issue comes up.   For
> example, 
> soap over JMS.   That would work fine with ws-security.
> 
> Dan
> 
> 
> On Friday 31 October 2008 11:33:21 am Rajeev jha wrote:
>> Hi
>> Please excuse my ignorance. I am trying to understand why would you use
>> ws-security with certificates when you can do the  client certificates
>> authentication  at the apache /web server level?
>>
>> So assuming that the web services are published from a web server
>> (stand-alone tomcat or Apache proxying to tomcat) and you can use the web
>> server itself to verify the clients, why use WS-security? what is the
>> advantage?
>>
>> Thanks
>>
>> -rajeev.
> 
> 
> 
> -- 
> Daniel Kulp
> dkulp@apache.org
> http://dankulp.com/blog
> 
> 

-- 
View this message in context: http://www.nabble.com/why-would-you-use-ws-security-with-certificates--tp20268372p20308758.html
Sent from the cxf-user mailing list archive at Nabble.com.


Mime
View raw message