SOAP Web Service Tutorials - Herong's Tutorial Examples - v5.13, by Herong Yang
Using XML Signature and Encryption with WSS
This section describes XML Signature and XML Encryption specifications developed by W3C, which are used with WS-Security (WSS) to provide SOAP message integrity and confidentiality.
Using only WS-Security 1.1.1 standard and security token profile specifications presented in the previous section can help us to pass security information in the SOAP header to authenticate the web service sender.
If we want to enhance to SOAP messaging to provide message integrity and confidentiality by sign and encrypt SOAP messages, we need to two additional specifications developed by W3C:
So in order to achieve Web service security with SOAP messages, we need to learn 3 layers of specifications to build SOAP request and response XML messages:
The following picture shows an example of SOAP request XML structure showing XML elements and attributes from all three specification layers:
Table of Contents
Introduction to SOAP (Simple Object Access Protocol)
SOAP Message Transmission and Processing
SOAP MEP (Message Exchange Patterns)
PHP SOAP Extension Client Programs
PHP SOAP Extension Server Programs
PHP SOAP Web Service Example - getTemp
Perl SOAP::Lite - SOAP Server-Client Communication Module
Perl Socket Test Program for HTTP and SOAP
Perl SOAP::Lite for NumberToWords SOAP 1.1 Web Service
Perl SOAP::Lite for SOAP 1.2 Web Services
Java Socket and HttpURLConnection for SOAP
SAAJ - SOAP with Attachments API for Java
SoapUI - SOAP Web Service Testing Tool
►WS-Security - SOAP Message Security Extension
►Using XML Signature and Encryption with WSS
SOAP Header Element "Security"
What Is WS-Security Username Token Profile
SoapUI Configuration for Username Token
Generating Username Token with SoapUI
Validating wsse:Password Digest String
Password Digest Validation Program
WS-Security X.509 Certificate Token
Perl SOAP::Lite for GetSpeech SOAP 1.1 Web Service
Perl SOAP::Lite 0.710 for SOAP 1.2 Web Services
Perl SOAP::Lite 0.710 for WSDL