Skip to main content

Posts

Showing posts from June, 2011

Basic Enterprise Web Service Security Concepts

In the (near) past, security was handled by the user interface.  The user interface acted as the sole entry point to the application, and therefore all application security was oriented around user permissions. Added web services is like having great locks on your front door but opening all the windows in your house.  Lots of entry points, each of which needs security. There’s a few basic enterprise web service security concepts that need to be understood to understand web service security. Web service security may operate from a user context, an application context, or both. User Context: Application 1 includes in the (web) service request to application 2 information about the user who performed an action causing the request. Application 2 then decides if the service is permitted based on the user requesting it in application 1. This requires applications 1 and 2 to have a common user security framework (application 2 has to recognize application 1’s user and be able to
Read more

Early Signs of SOA Success

I’ve been working with a client for an extended period of time.  This large IT department has had a variety of SOA tools and technologies available and has been doing major systems integration for 10 years.  Yet while their SOA tools have allowed them to integrate quicker than manual development, their integration methodology (essentially none) has given them 0% reuse. Reuse is a fine objective, but it may not actually be valuable depending on the business and IT organization goals.  In this client’s case we did an extensive evaluation of IT current state, IT future state plans and goals, and business goals.  That may sound like a lot of overhead to determine future state integration and SOA approaches, but in the current economic climate architecture for architecture’s sake is simply not acceptable (if it ever was). Or to put it another way, when IT is aligned with and demonstrating direct business value then IT is valued by the business.  And this attitude has to filter down t
Read more