[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wsrp-comment] Public Comment
Agreed, we plan to have a security technote addressing this issues. The purpose of this technote will be to address the security use cases we identified already and to try to give guidance how the various security standards can be used in conjunction with WSRP. Mit freundlichen Gruessen / best regards, Richard Jacob ______________________________________________________ IBM Lab Boeblingen, Germany Dept.8288, WebSphere Portal Server Development WSRP Team Lead & Technical Lead WSRP Standardization Phone: ++49 7031 16-3469 - Fax: ++49 7031 16-4888 Email: mailto:richard.jacob@de.ibm.com comment-form@oasi s-open.org To 07/05/2005 06:24 wsrp-comment@lists.oasis-open.org PM cc Subject Please respond to [wsrp-comment] Public Comment richard.perks Comment from: richard.perks@bea.com Name: Richard Perks Title: Principal Consultant Organization: BEA Systems Regarding Specification: WSRP 2.0 In a WSRP architecture involving producers from different vendors, how is security performed? The 1.0 specification does not account for security and we (BEA) have our own SAML implementation for propagating a users identity to the producer. For a heterogeneous producer architecture, what are the options? I can't see we have one in v1.0. For 2.0, the specification also seems vague. It defers to using other web service standards but doesn't really mandate anything as far as I can tell. We could assume everyone would adopt WS-Security, but will this be consistent across vendors? If the specification does not mandate the specific rules for WS-Security (token type, auth method etc) then this will lead to an interoperability issue. --------------------------------------------------------------------- To unsubscribe, e-mail: wsrp-comment-unsubscribe@lists.oasis-open.org For additional commands, e-mail: wsrp-comment-help@lists.oasis-open.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]