By Ingo Rammer, Microsoft MSDN Library.
In
this article the author shows how you can create and use a custom
security token manager with the Web Services Enhancements 2.0 for
Microsoft .NET to check for X.509 certificates, map them to roles and
populate context information with custom principal and identity objects.
He
shows how easy it is to use WS-Policy from within Visual Studio .NET to
add declarative checking of role membership to your applications. The
advantage of this approach based on WS-Security when compared to
classic HTTP based security is that it doesn't rely on transport-level
integrity or security but instead works solely with the SOAP message.
This provides you with end-to-end security capabilities over multiple
hops and protocols.
http://msdn.microsoft.com/library/en-us/dnwse/html/wserolebasedsec.asp
See also WS-Security references: http://xml.coverpages.org/ws-security.html
Comments