Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption
ASIN: 0672326515
Average Customer Review: 3.5, based on 13 reviews.
Customer reviews (5 of 13)
Worthless For Programmers, 2006-04-27, Rating: 1.
Agree completely with all of the other reviewers in respect to practical working examples and detailed information. This is nothing more than a high-level overview of documentation and specifications you can easily find yourself on the internet. Look elsewhere (and yeah, I'm still looking myself) for solid information about how to design and deploy WS-* applications.
Weak examples., 2006-04-08, Rating: 2.
This book delivers good introduction to WS-* specs beyond that I don't find much help. From a developer perspective, the book does'nt help with good examples, it is missing with coding guidance and also lacks detail about the PKI in Web services. Possibly this book is too early to market before the specs are endorsed by OASIS. It's time for a revision..otherwise I could've added two more stars.
Good Overview of Web Services Security, 2006-04-07, Rating: 4.
This book is a good introduction to the application of security to Web Services and SOA. The authors focus on "message level" security versus "transport level" security, and its application to Web Services. The book explains standards: WS-Security, WS-Policy, WS-SecurePolicy and other current standards at the time of publishing (2004).
However these standards are constantly evolving and this book needs to be updated on a regular basis.
Gary E. Smith
SOA Network Architect
SOA Networks
However these standards are constantly evolving and this book needs to be updated on a regular basis.
Gary E. Smith
SOA Network Architect
SOA Networks
good intro book - need a revision, 2006-01-17, Rating: 3.
i am an architect working on large-scale web services on j2ee and .net ddevlopment and deplyment. I bought this book for getting myself introduced to ws-security and saml. if you would like to know the security specifications for web services at a high-level you may find this book useful. If you are looking at the practical aspects of how to implement them in a j2ee or .net web services you wil find limited help. The coverage on ws-* specs are little bit old as new revisions are already out.
Good intro but needs an update, 2005-12-22, Rating: 3.
This book would help you if you need an introduction to Web services security standards. If you need to know the strategies for how to implement then this book may not help much. Some of the specifications discussed in the book is not complete and there is lot of confusion in the standards committee moving forward. I bought this book before I bought the Core Security Patterns which details both the standards and patterns-based implementation strategies for Web services security. This book also needs a revision in terms of updating to SAML 2.0, WS-Security 1.1, WS-I Basic Security profile.
Projects