通过

WS-Security Interop: This is a Big Deal

  • 项目

Last week we published Simon's new Web Services Interop page.  He published a total of 3 articles on Web services interoperability.  I held off headlining one of them on the MSDN Web Services Developer Center.  Not because it wasn't important...it is very important.  But because I wanted to make a big splash about the Interop page and I didn't want to detract from the initial splash of that and have people focus on this!

So now its time to re-focus on WS-Security interop.  We have had ws-security interop pieces before, but they were not Oasis WS-Security 1.0 implementations.  Similarly you had to do things to get them to work like little tricks to manipulate the headers just so.  Also, while I respect GLUE and the Apache work, interop with these tools was nice, but what you really wanted to see was interop between some of the bigger selling tools -- tools where one vendor and the other vendor may have different agendas and may not historically have great success in working together.  If you could get standardized interop in a scenario like this you would accomplish something.

Well, it is accomplished and Simon's article WS-Security Interoperability Using WSE 2.0 and Sun JWSDP 1.4 is the result.  Not only do we see interop between Microsoft and Sun, but there are no tricks pulled, no rubber chickens waved over your head: all you have to do is setup the application and run it.  No profiles had to be created to allow fundamental digital signatures and encryption to work together.  This says a ton about the tightness of the spec, and the potential for broad interop in the future for WS-Security.

It even talks to the success of the Workshop process for creating the WS-* specifications.  Tim mentions how there are too many specs and it is too complicated, but these specs are simple as far as specs go and I think it is safe to say that WS-Security is the most complex of the whole lot.  If a couple of the first implementations of WS-Security work this well together, I think it is a good sign of future interoperable success for the core Web services architecture.

   -Matt

Comments

  • Anonymous
    October 07, 2004
    URL is broken it should be: http://msdn.microsoft.com/webservices/default.aspx?pull=/library/en-us/dnbda/html/interopsun.asp (and not msdnprod)

    Before the spec was released there were 8 or so companies (of companies in OASIS TC) in a virtual interop (including CA using Apache WSS4J)...So how is this a big deal now? :)


  • Anonymous
    October 07, 2004
    I see this as being the difference between having this work in a lab and having it work in the real world.

    Thanks for the URL correction. As you probably can guess, I was looking at our staging site when I copied the URLs.

    -Matt
  • Anonymous
    October 08, 2004
    The comment has been removed
  • Anonymous
    October 11, 2004
    I see this as being the difference between having this work in a lab and having it work in the real world.
  • Anonymous
    October 16, 2004
    this information is very important but I need more information buy in spanish if You have...ok
  • Anonymous
    May 29, 2009
    PingBack from http://paidsurveyshub.info/story.php?title=matt-powell-ws-security-interop-this-is-a-big-deal