| Turnkey Security Models |
Description |
| AnonymousOverCertificate |
In this model, any anonymous client can achieve message-level encryption by using the server's public X.509 certificate. |
| Kerberos |
The client and the server use Kerberos tokens for message-level encryption and/or authentication. This solution requires a Kerberos Domain Controller (KDC) or a custom token provider. |
| MutualCertificate |
This model provides for authentication and message-level encryption through the exchange of a client X.509 certificate and a Server X.509 certificate. |
| UsernameOverTransport |
As the name suggests, authentication is done through a supplied username and password, and message-level security is implemented through SSL. |
| UsernameOverCertificate |
Like the UsernameOverTransport, a username and password are supplied for authentication, but an X.509 server certificate is used for message-level encryption instead of SSL. |
Table 1 Choose a WSE 3.0 Turnkey Security Model.
The WSE 3.0 toolkit lets you use several out-of-the-box security solutions to simplify making your Web services more secure. For a more detailed listing, see the precompiled help documentation installed with WSE 3.0.
|