LibraryToggle FramesPrintFeedback

Figure 6.1 shows an overview of the basic signing and encryption scenario, which is specified by associating an asymmetric binding policy with an endpoint in the WSDL contract.


When the client in Figure 6.1 invokes a synchronous operation on the recipient's endpoint, the request and reply message are processed as follows:

  1. As the outgoing request message passes through the WS-SecurityPolicy handler, the handler processes the message in accordance with the policies specified in the client’s asymmetric binding policy. In this example, the handler performs the following processing:

    1. Encrypt the SOAP body of the message using Bob’s public key.

    2. Sign the encrypted SOAP body using Alice’s private key.

  2. As the incoming request message passes through the server's WS-SecurityPolicy handler, the handler processes the message in accordance with the policies specified in the server’s asymmetric binding policy. In this example, the handler performs the following processing:

    1. Verify the signature using Alice’s public key.

    2. Decrypt the SOAP body using Bob’s private key.

  3. As the outgoing reply message passes back through the server's WS-SecurityPolicy handler, the handler performs the following processing:

    1. Encrypt the SOAP body of the message using Alice’s public key.

    2. Sign the encrypted SOAP body using Bob’s private key.

  4. As the incoming reply message passes back through the client's WS-SecurityPolicy handler, the handler performs the following processing:

    1. Verify the signature using Bob’s public key.

    2. Decrypt the SOAP body using Alice’s private key.

Comments powered by Disqus
loading table of contents...