[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [wsrp] Answers to Security Questions
1.a. Do you support the receipt of multiple identities (Consumer and End-User) on a SOAP message which can be separately queried by the provider application? Do you support sending multiple identities? <Satish> No. </Satish> 1.b. What WS-Security tokens will be supported for transferring identities (e.g. UserName, SAML, Kerberos, Digital Signature, etc)? <Satish> UserName and SAML tokens will be supported. </Satish> 1.c. Would transferring the End-User identity via a WS-Security token and the Consumer identity via transport-level security be supported? <Satish> Use of UserName and SAML tokens will be supported. SSL certificates for transport level security. </Satish> 1.d. Any restrictions on how multiple identities can be attached to a particular SOAP message? <Satish> The messages may not be supported by the producer. </Satish> 2. What security granularity is expected when transferring an identity (for example; portals often have a concept of user role that relates to the End-User's current use of the portal rather than their identity ... is the transfer of such attributes supported (e.g. via SAML attributes))? <Satish> No. Not at this time. </Satish> 3. Is support for maintaining security contexts for multiple web service requests anticipated? If so, using what security technology (e.g. WS-SecureConversation)? <Satish> No. Not at this time. </Satish> 4. Is automated configuration of all endpoints supported? If so, how are any particular inputs to the process indicated, supported, standardized and maintained? <Satish> No. Not at this time. </Satish>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]