Review of the Ann Arbor .NET Developers Group
From WSE to WCFDarrell Hawley gave the presentation for the November Ann Arbor .NET Developers Group on Web Services, WSE, and how that relates to WCF.
He started with an overview of Web Services, and how SOAP, WSDL, and SOA in general, do not adress important issues such as security. Well, as we try and implement and deploy web services in our daily lives, we find that elements of security, like authentication and authorization become very important. So, Microsoft began producing WSE (Web Service Enhancements) toolkits. These include WS-Policy, WS-Security, and WS-SecureConversation.
While these enhancements have all been included in WCF, there is still reason to look at WSE. If you've got any web services already deployed, and want to quickly address these issues (while you wait for your company to decide when to deploy WCF and .NET 3.0), this may be the solution.
Darrell gave a good overview of the difference between direct and brokered authentication, and the tools available in WSE to test the brokered scenarios.
He showed a number of different user authentication protocols available for WSE: clear text, x509 certificates, encrypted username and password, and a completely secure conversation.
While WCF certainly deprecates a lot of what was delivered in the various WSE toolkits, they are still worth investigating. Everything you learn using WSE will apply (although not without some minor modifications) to the WCF world.
Thanks to Darrell for a good presentation. Especially given the incredibly short notice.
The AADND home pageLearn about our upcoming meetings
Darrell's bloghe's been interested in this stuff for a while