WS Federation Developer Introduction
Maryann Hondo
Tony Nadalin, Security Architect
Chris Kaler, Security Architect
Agenda
Web Services Overview
  Web Services 101
  Security Roadmap
Federation Overview
Example Scenario
Specification Summary
Federation Drilldown
The Evolution to Web Services
Business benefit over time:
  Pre-1990s: custom, static B2B integration
  Early 1990s: application integration technologies appear
  Late 1990s: Web technologies appear, e.g. HTTP, HTML, XML
  2000+: Web application technology = Web services
(Diagram: REQUEST/REPLY exchange between Your Company and its partners)
Web Services Overview
A UDDI server can be used to locate available Web services.
WSDL describes the Web service.
XML payloads carried in SOAP messages connect Your Company's internal systems with partners and customers.
(Diagram: Your Company and its Internal Systems exchanging SOAP messages with Partners and Customers)
Web Services Overview: What Has Been Missing?
Security
Reliable Messaging
Transactions
Policy
Web Services Today
Web services is currently an early majority market
  Many successful deployments
  A 1st or 2nd focus for CIOs and architects
Web services add immediate value to a broad range of scenarios
  Base infrastructure (SOAP and WSDL) has broad adoption and tool integration
  Great progress toward enabling security, reliability, and transactions

"In what areas will web services be most effective for your company?" (InfoWorld CTO Survey)
  B-to-B eCommerce   70%
  Supply Chain       33%
  CRM                33%
  B-to-C eCommerce   24%
  ERP                15%
  Other               6%

"Web services development projects are at the top of the list of company priorities and one of the last budgets to be raided when budget cuts are made." - Gartner survey of 111 North American Companies
Real World Web Services: Connecting Everything
(Diagram: business networks, personal networks, social networks, value chain networks, customer relationship networks, scientific networks and government networks, linked through functions such as purchasing, fulfillment and HR)
Web Services
Provides a general-purpose, composable protocol framework
Enables Service-Oriented Architecture (SOA)-based application development
Provides flexibility through metadata-driven description and policy
Provides security with a capabilities-based security model
Web Services Process
Developed in a process of partnerships and open public workshops
  Specification workshops
  Interoperability workshops
Culminates in royalty-free specifications
Secure, Reliable, Transacted Web Services
(Diagram: the protocol stack, bottom to top)
  Transports: HTTP, HTTPS, SMTP
  Messaging: XML, SOAP, Addressing
  Description: XSD, WSDL, UDDI, Policy, MetadataExchange
  Composable Service Assurances: Security, Reliable Messaging, Transactions
  Service Composition: BPEL4WS
From the joint IBM/MSFT WS whitepaper at http://msdn.microsoft.com/webservices/default.aspx?pull=/library/en-us/dnwebsrv/html/wsoverview.asp
Importance of Composition
Everything works in combination
  Ex: Transaction context works over a reliable connection
  Ex: Participants use WS-Security to secure transactions (for all types of participants)
Not "reinventing the wheel" for every stack
  Code reuse, lower costs, faster time to market
  Ex: all resources named using WS-Addressing
The overall system is more stable
  Changes don't percolate up the stack
  Ex: By using WS-Security, Federation supports all tokens, including future ones
Composable Headers
The same SOAP envelope carries an Addressing header block, a Security header block and a Reliability header block; each is defined by its own specification and none depends on the others being present.

```xml
<S:Envelope … >
  <S:Header>
    <!-- Addressing -->
    <wsa:ReplyTo>
      <wsa:Address>http://business456.com/User12</wsa:Address>
    </wsa:ReplyTo>
    <wsa:To>http://fabrikam123.com/Traffic</wsa:To>
    <wsa:Action>http://fabrikam123.com/Traffic/Status</wsa:Action>
    <!-- Security -->
    <wssec:Security>
      <wssec:BinarySecurityToken ValueType="wssec:X509v3" EncodingType="wssec:Base64Binary">
        dWJzY3JpYmVyLVBlc…..eFw0wMTEwMTAwMD
      </wssec:BinarySecurityToken>
    </wssec:Security>
    <!-- Reliability -->
    <wsrm:Sequence>
      <wsu:Identifier>http://fabrikam123.com/seq1234</wsu:Identifier>
      <wsrm:MessageNumber>10</wsrm:MessageNumber>
    </wsrm:Sequence>
  </S:Header>
  <S:Body>
    <app:TrafficStatus xmlns:app="http://highwaymon.org/payloads">
      <road>520W</road><speed>3MPH</speed>
    </app:TrafficStatus>
  </S:Body>
</S:Envelope>
```
Web Service Security Requirements
Interoperable
  People, systems, applications, and services
  Seamlessly with reliable messaging and transactions
  Heterogeneous environments
  Information/processes flow across application networks
Autonomous Security
  Individual services must be autonomous
  Operate with intermittent connectivity
Web Service Security Requirements
Dynamic Security
  Assume change
  Evolving set of participants
  Mobile clients and servers
Decentralized Security
  Not owned/operated by a single entity
  Reflect political, social, economic forces
  Arbitrary network topology
  Support existing business models, not force them to change
Web Service Security Requirements
Internet-Ready Security
  Reach, scale, and capabilities to mirror today's Internet-based world
The Security Model
Capabilities-Based
  WS-Security provides mechanisms to associate security tokens with messages
  Identity mapping and user attributes support ACL-based models
Policy-Driven
  WS-Policy enables services to describe required claims (and more, described next)
Decentralized
  WS-Trust enables anyone to become a trust broker, e.g. provide identity or group membership
  End-to-end security: don't assume point-to-point, don't assume back-channels
Metadata/Capability-Driven Federation
(Diagram: a requester, Kat Alexandra of K.A. Jale Corporation, carrying a badge-like claim "Management: Access All Areas", reaches a Target Service in another realm. Components shown: Access Policy, Federation Policy, an Identity Service, a Pseudonym and Attribute Service, a Security Token Service (the Access Control Service provides permission tokens), and the Target Service.)
WS-Security Roadmap
(Diagram: the roadmap specifications layered over SOAP Messaging: Security, Security Policy, Secure Conversation, Trust, Federation, Privacy, Authorization)
WS-Federation
Announced by BEA, IBM, Microsoft, RSA, and VeriSign
WS-Federation (Web Services Federation Language)
  Enables security realms to federate
  Enhances policy to enable federation of related services
  Describes federation messages
  Describes federated Attribute and Pseudonym service relationships
WS-Federation: Passive Requestor Profile
  Uses the cross-trust-realm identity, authentication and authorization federation mechanisms in WS-Federation to support passive requestors, such as Web browsers
WS-Federation: Active (Smart) Requestor Profile
  Uses the cross-trust-realm identity, authentication and authorization federation mechanisms in WS-Federation to support active requestors, such as SOAP-enabled applications
Summary
WS Industry Partnership
  Defining a complete, general-purpose, composable web services architecture
  Rich, metadata-driven, capabilities-based security model
WS-Federation
  Factored, composable building blocks to enable the broadest range of federated security scenarios
  Easy to integrate with existing and future identity systems
  Supported by all the major application server vendors
Composability
  Application integration
  Time-to-market
  Cost savings
  Future-proofing your architectures
Agenda
Web Services Overview
Example Scenario
  Scenario Overview
  Specification Usage
Specification Summary
Federation Drilldown
Example Topology
(Diagram) Realms: Dealer, Manufacturing, Warehouse, Roaming Supplier. Participants: two Identity Providers, an Authorization Service, Heather (dealer user, browser client), Tony (roaming supplier, smart client), the Order Service, the Warehouse Service at Warehouse 1 and Warehouse 2 (each with a Coordinator and Storage), a Transaction Coordinator, and the Inventory Service.
Example Scenario: Browser Client Ordering Parts for Dealer
Heather logs in
Manufacturer trusts Dealer
Heather logs out
Tony logs in
Technologies: Security, Federation
Example Scenario: Roaming Smart Client – Vendor Managed Inventory
Identity flows to Manufacturer
Warehouse places order
Technologies: Security, Federation
Example Scenario: Roaming Smart Client – Vendor Managed Inventory
(Diagram: message flows labelled "Secure, Reliable" and "Secure, Reliable, Transacted")
Technologies: Security, Reliability, Transactions
Selected Message Flows
Heather logs in
Heather logs out
Tony logs in
Back-end system processes order
Heather – Example Login
(Diagram: steps 1 to 4 over the example topology)
Heather – Example Logout
(Diagram: steps 1 to 4 over the example topology)
Tony – Example Login
(Diagram: steps 1 to 2 over the example topology)
Assumes policies are known/cached
Backend Processing
(Diagram: steps 1 to 5 over the example topology; step 5 reaches both warehouses)
Specification Usage
Messaging: SOAP, WS-Addressing
Description: WSDL, WS-Policy*
Security: WS-Security, WS-SecureConversation, WS-Trust, WS-Federation
Reliable Messaging: WS-ReliableMessaging
Transactions: WS-AtomicTransaction
Messaging
  WS-Addressing: used to address messages to appropriate recipients and provide reply semantics
Policy Framework
  WS-Policy: specifies the requirements of each service
  WS-PolicyAttachment: some services use WSDL; some have separate policy attachments
  WS-PolicyAssertions: used to describe basic characteristics
Security
  WS-Security: used to secure messages; different tokens used
  WS-SecurityPolicy: specifies security requirements
  WS-Trust: used to obtain identity and access tokens
  WS-SecureConversation: used to create sessions for common communication paths
  WS-Federation: used to broker identities across trust boundaries
Reliable Messaging
  WS-ReliableMessaging: used to ensure in-order delivery of messages
Transactions
  WS-AtomicTransaction: used to ensure warehouses update inventories in a consistent way
Summary
Complete solution for interoperable secure, reliable, transacted services
Enables single sign-on
Supports browsers and smart clients
Works with existing infrastructure
Integrated into products from the leading system, application, and security vendors
Increases business flexibility and reduces risk
Agenda
Web Services Overview
Example Scenario
Specification Summary
  Overview
  Drilldown
Federation Drilldown
Secure, Reliable, Transacted Web Services
(Stack diagram repeated from the overview: Transports, Messaging, Description, Composable Service Assurances, Service Composition; from the joint IBM/MSFT WS whitepaper cited there)
WS-* Specifications Timeline
April 2002: WS-Security, Security Roadmap
June 2002: (milestone label not recoverable from the transcript)
August 2002: WS-Coordination, WS-Transaction
December 2002: WS-Policy, WS-PolicyAttachment, WS-PolicyAssertions, WS-Trust, WS-SecureConversation, WS-SecurityPolicy
March 2003: WS-ReliableMessaging, WS-Addressing, Reliable Messaging Roadmap
April 2003: (milestone label not recoverable from the transcript)
June 2003: WS-Policy v1.1, WS-PolicyAttachment v1.1, WS-PolicyAssertions v1.1
July 2003: WS-Federation
September 2003: OASIS WS-Security V1 Last Call, WS-AtomicTx, WS-Coordination
Messaging
SOAP Messaging, Addressing
WS-Addressing
Describes transport-neutral mechanisms to address Web Services and messages
Identification of Web Service end points
  End point reference: URI + application-specific information
End-to-end identification in messages
(Diagram: the request carries To: and ReplyTo: headers; the reply carries To:)
Policy Framework
(Diagram: WS-Policy, WS-PolicyAttachment and WS-PolicyAssertions, attached to WSDL)
WS-Policy
Flexible and extensible grammar for Web Services to communicate requirements, preferences and capabilities
Declarative and conditional assertions
  Authentication scheme
  Transport protocol
  Security policy
  QoS characteristics
  …
WS-Policy
Policy assertions have usage attributes
  Required, Rejected, Optional, Observed, Ignored
Policy operators
  All: all of its child elements are satisfied
  ExactlyOne: exactly one of its child elements is satisfied
  OneOrMore: at least one of its child elements is satisfied
PolicyReference element for inclusion
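The operators and usage attributes above as an evaluator, added here as an example and not code from the presentation or from any WS-Policy implementation. It reads a constructed sample policy with xml.etree and decides whether the set of assertions a requester's message will satisfy meets it. The 2002 namespace URIs, the assertion element names, the URI/Ref attribute on wsp:PolicyReference and the way assertions are keyed (local name plus TokenType text) are assumptions made for the illustration; Optional, Observed and Ignored never constrain the requester, Required must be present, Rejected must be absent, and an unresolved PolicyReference fails closed.

```python
"""Evaluate a WS-Policy (2002 draft) expression against the assertions a message carries.
Added example, not from the presentation; namespaces and assertion names are assumptions."""
import xml.etree.ElementTree as ET

WSP = "http://schemas.xmlsoap.org/ws/2002/12/policy"   # assumed 2002 draft namespace
WSSE = "http://schemas.xmlsoap.org/ws/2002/12/secext"  # assumed namespace for token assertions
USAGE = "{%s}Usage" % WSP
OPERATORS = {"Policy", "All", "ExactlyOne", "OneOrMore"}

# Constructed sample policy: exactly one of an X.509 or Kerberos token, a Username
# token is rejected, integrity is required, text encoding is merely observed, and a
# referenced policy fragment is pulled in through wsp:PolicyReference.
SAMPLE_POLICY = f"""<wsp:Policy xmlns:wsp="{WSP}" xmlns:wsse="{WSSE}">
  <wsp:All>
    <wsp:ExactlyOne>
      <wsse:SecurityToken wsp:Usage="wsp:Required">
        <wsse:TokenType>wsse:X509v3</wsse:TokenType>
      </wsse:SecurityToken>
      <wsse:SecurityToken wsp:Usage="wsp:Required">
        <wsse:TokenType>wsse:Kerberosv5TGT</wsse:TokenType>
      </wsse:SecurityToken>
    </wsp:ExactlyOne>
    <wsse:SecurityToken wsp:Usage="wsp:Rejected">
      <wsse:TokenType>wsse:UsernameToken</wsse:TokenType>
    </wsse:SecurityToken>
    <wsse:Integrity wsp:Usage="wsp:Required"/>
    <wsp:TextEncoding wsp:Usage="wsp:Observed" Encoding="utf-8"/>
    <wsp:PolicyReference URI="#Audit"/>
  </wsp:All>
</wsp:Policy>"""

# Referenced policy fragments, looked up by the reference string (constructed).
REFERENCED = {
    "#Audit": f'<wsp:Policy xmlns:wsp="{WSP}"><wsp:MessagePredicate wsp:Usage="wsp:Optional"/></wsp:Policy>',
}


def _local(el):
    return el.tag.rsplit("}", 1)[-1]


def _is_wsp(el):
    return el.tag.startswith("{%s}" % WSP)


def assertion_key(el):
    """Name an assertion so it can be matched against what a message carries;
    token assertions are distinguished by their TokenType text (assumed keying)."""
    child = el.find("*")
    suffix = "/" + child.text.strip() if child is not None and child.text else ""
    return _local(el) + suffix


def assertion_satisfied(el, message):
    usage = el.get(USAGE, "wsp:Required").rsplit(":", 1)[-1]
    present = assertion_key(el) in message
    if usage == "Required":
        return present
    if usage == "Rejected":
        return not present
    if usage in ("Optional", "Observed", "Ignored"):
        return True                       # never constrains the requester
    raise ValueError("unknown wsp:Usage %r" % usage)


def satisfied(el, message, refs):
    if _is_wsp(el) and _local(el) == "PolicyReference":
        ref = el.get("URI") or el.get("Ref")          # attribute name is an assumption
        if ref not in refs:
            raise KeyError("unresolved wsp:PolicyReference %r" % ref)   # fail closed
        return satisfied(refs[ref], message, refs)
    if _is_wsp(el) and _local(el) in OPERATORS:
        results = [satisfied(child, message, refs) for child in el]
        name = _local(el)
        if name == "ExactlyOne":
            return results.count(True) == 1
        if name == "OneOrMore":
            return any(results)
        return all(results)                # wsp:Policy behaves like wsp:All
    return assertion_satisfied(el, message)


def policy_satisfied(policy_xml, message_assertions, references=None):
    """True if a message carrying exactly `message_assertions` meets the policy."""
    refs = {k: ET.fromstring(v) for k, v in (references or {}).items()}
    return satisfied(ET.fromstring(policy_xml), frozenset(message_assertions), refs)


if __name__ == "__main__":
    print(policy_satisfied(SAMPLE_POLICY, {"SecurityToken/wsse:X509v3", "Integrity"}, REFERENCED))
```

The evaluator applies the slide's definition of ExactlyOne literally, so a message that carries both an X.509 and a Kerberos token fails the policy even though each alone would pass; a requester choosing among alternatives has to commit to one.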
WS-PolicyAssertions
Describes general policy assertions that can be affiliated with a message
  TextEncoding assertion
  Language assertion
  SpecVersion assertion
  MessagePredicate assertion
Supported by both the Web Service and the client
WS-PolicyAttachment
Provides a standard mechanism for attaching the requirement and capability statements to Web Services
  How to associate policies with specific instances of WSDL services
  How to reference policies from WSDL definitions
  How to associate policies with UDDI entities
WS-PolicyAttachment
(Diagram: policy embedded in WSDL (WSDL+Policy), standalone Policy documents referenced from WSDL, and Policy associated with UDDI entries; steps 1 to 3)
Security
(Diagram: the WS-Security roadmap repeated: Security, Security Policy, Secure Conversation, Trust, Federation, Privacy, Authorization over SOAP Messaging)
WS-Security
Defines a framework for building security protocols
  Integrity
  Confidentiality
  Propagation of security tokens
Framework designed for end-to-end security of SOAP messages
  From initial sender, through 0-n intermediaries, to ultimate receiver
WS-Security
Leverages existing XML security specs
  XMLDSIG for integrity
  XMLENC for confidentiality
Provides constructs for transmitting security tokens
  Supports XML and binary tokens
What are Security Tokens?
Examples include
  Username token
  X.509 certificate
  Kerberos ticket
  XrML license
  SAML assertion
Represent claims about
  Identity
  Capabilities
  Privileges
Security Token Example
Message claims to be from Alice
  Specified using Alice's X.509 certificate
Proof is based on Alice's private key
  Signing part of the message with her private key proves possession of the private key matching the certificate; the receiver concludes "this is Alice" only as far as it trusts the certificate's issuer to have bound that key to Alice
  Specifically, that the signed parts are from Alice; parts outside the signature carry no such proof
WS-Security
OASIS Web Services Security TC
V1 candidate documents
  SOAP Message Security
  Username Token Profile
  X.509 Token Profile
Other active drafts
  SAML Token Profile
  XrML Token Profile
  Kerberos Token Profile
  Minimal Message Profile
Protecting Messages
Parts of a message can be
  signed for integrity
  encrypted for confidentiality
Underlying technologies extensible
  Encryption
  Digest
  Signature
  Canonicalization
  Transforms
WS-Security
(Diagram: Sender, Intermediary, Intermediary, Receiver; the message is protected end to end across the intermediaries)
WS-Trust
Defines how to broker trust relationships
  Some trust relationship has to exist a priori
Defines how to exchange security tokens
Defined as an interface specification for a Security Token Service
  Anyone can issue tokens (be a Security Token Service)
Getting Tokens
A RequestSecurityToken message is sent to the trust service
It responds with a RequestSecurityTokenResponse
  Contains the required security token and associated details (e.g. proof)
Example
I want to have secure communication with you
I ask the trust service for a token to allow me to talk to you
The trust service sends two copies of a secret key
  One encrypted for me (proof token)
  One encrypted for you (requested token)
Example
(Diagram: 1. the requester authenticates to its trust service with a username/password (U/P) and receives T1, P1; 2. presents T1 to a second trust service, which trusts the first, and receives T2, P2; 3. presents T2 to the target. T# = security token, P# = proof token.)
Challenges
  Request token
  Issue challenge
  Respond to challenge
  Issue token
Other Token Characteristics
Requester can specify various required characteristics of the security token
  Key type, size
  Delegation constraints
  …
Trust service can then indicate those characteristics in the response
  May indicate anything it thinks important
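The RequestSecurityToken / RequestSecurityTokenResponse exchange from the slides above, as an added example that is not code from the presentation or from any WS-Trust implementation. The STS returns one fresh secret twice: a proof token encrypted for the requester and a requested token encrypted for the target, so each party recovers the key and neither can read the other's copy. Assumptions: the STS already shares a long-term key with both parties (the a priori trust the slides call for); the key-wrapping is a toy encrypt-then-MAC construction built from HMAC-SHA256 so the example runs with the standard library only, standing in for the XML Encryption the real protocol uses; the RST/RSTR are dicts standing in for the SOAP bodies; the requested token carries the key size and lifetime the requester asked for, echoing "other token characteristics".

```python
"""WS-Trust style token issuance with a proof token and a requested token.
Added example, not from the presentation. Toy key wrap; a priori trust modelled as
long-term keys the STS shares with each party."""
import hashlib
import hmac
import json
import os
import time


def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in for a real cipher (toy, for the example)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def wrap(key: bytes, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC: IV || ciphertext || HMAC tag, with separate enc/mac subkeys."""
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    iv = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, iv, len(plaintext))))
    return iv + ct + hmac.new(mac_key, iv + ct, hashlib.sha256).digest()


def unwrap(key: bytes, blob: bytes) -> bytes:
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, iv + ct, hashlib.sha256).digest(), tag):
        raise ValueError("token rejected: integrity check failed")   # wrong key or tampering
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, iv, len(ct))))


class SecurityTokenService:
    def __init__(self, long_term_keys: dict):
        self.keys = long_term_keys        # party name -> key shared a priori (assumed)

    def request_security_token(self, rst: dict) -> dict:
        """Handle an RST and return the RSTR (dicts stand in for the SOAP bodies)."""
        requester, target = rst["Requester"], rst["AppliesTo"]
        if requester not in self.keys or target not in self.keys:
            raise PermissionError("no trust relationship with %s or %s" % (requester, target))
        secret = os.urandom(rst.get("KeySize", 256) // 8)     # requested key size honoured
        claims = {"Subject": requester, "AppliesTo": target,
                  "Expires": int(time.time()) + rst.get("Lifetime", 300),
                  "Key": secret.hex()}
        return {
            # copy 1: the token, encrypted for the target; the requester cannot read it
            "RequestedSecurityToken": wrap(self.keys[target], json.dumps(claims).encode()),
            # copy 2: the proof, encrypted for the requester; the target never sees it
            "RequestedProofToken": wrap(self.keys[requester], secret),
        }


def target_accepts(target_key: bytes, token: bytes, expected_target: str, now=None) -> dict:
    """Target-side checks: integrity, audience, expiry; returns the claims including the key."""
    claims = json.loads(unwrap(target_key, token))
    if claims["AppliesTo"] != expected_target:
        raise ValueError("token not issued for this service")
    if (now or time.time()) >= claims["Expires"]:
        raise ValueError("token expired")
    return claims


def rejected(fn, *args, **kwargs) -> bool:
    """True if the check raises; used to show which failures the target catches."""
    try:
        fn(*args, **kwargs)
        return False
    except (ValueError, PermissionError):
        return True


def demo() -> dict:
    """Run one issuance and the target-side checks; returns the outcomes."""
    target = "traffic.fabrikam123.com"
    keys = {"alice": os.urandom(32), target: os.urandom(32)}      # a priori trust
    sts = SecurityTokenService(keys)
    rstr = sts.request_security_token({"Requester": "alice", "AppliesTo": target, "KeySize": 128})
    proof = unwrap(keys["alice"], rstr["RequestedProofToken"])   # requester's copy of the key
    claims = target_accepts(keys[target], rstr["RequestedSecurityToken"], target)
    tampered = bytearray(rstr["RequestedSecurityToken"])
    tampered[20] ^= 1                                            # flip a ciphertext bit
    return {
        "same_key": proof == bytes.fromhex(claims["Key"]),
        "key_bytes": len(proof),
        "subject": claims["Subject"],
        "requester_cannot_read_token": rejected(unwrap, keys["alice"], rstr["RequestedSecurityToken"]),
        "tampered_rejected": rejected(target_accepts, keys[target], bytes(tampered), target),
        "wrong_audience_rejected": rejected(target_accepts, keys[target], rstr["RequestedSecurityToken"], "other.example"),
        "expired_rejected": rejected(target_accepts, keys[target], rstr["RequestedSecurityToken"], target, now=10**12),
        "unknown_target_rejected": rejected(sts.request_security_token, {"Requester": "alice", "AppliesTo": "nobody"}),
    }


if __name__ == "__main__":
    print(demo())
```

The point the slides make is visible in demo(): the requester and the target end up holding the same 128-bit key without the requester ever seeing the target's long-term key, and the target checks audience and expiry on the claims before using the key, which is what turns "the STS gave me a key" into "this key is for me and still valid".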
WS-SecureConversation
WS-Security provides for single-message security
Nodes will often want to exchange more than one message
  Specifying new symmetric keys for each message is tedious, verbose, and inefficient
WS-SecureConversation defines mechanisms to address this
WS-SecureConversation
Participants establish a shared context
  Context contains keys/secrets and other information
  Can be stateless (state embedded in the security context token)
Context established multiple ways
  Using token exchange
  Having one party create the context
  Through negotiation
(Diagram: a persisted context and a farm context, each identified by a security context token (SCT))
Derived Keys
Exchanging keys and then reusing them directly has security weaknesses
  Degree of randomness not known to both parties
  Keys used for an extended period and/or over a large amount of data
More secure to exchange a secret and derive keys from it
Derived Keys
Spec defines derived key usage
  Allows multiple keys to be derived from a combination of the initial secret, nonces and labels over time
Using derived key tokens
  References the secret (e.g. a security context token, which implies a target)
  Recommended to generate nonces for each message
Derived Keys
(Diagram: one SCT secret, from which per-message keys DK1 and DK2 are derived)
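Added example, not code from the presentation, serving both the "Protecting Messages" slides (a part of the message is canonicalized, digested and signed) and the derived-keys slides just above (per-message keys derived from one context secret with a label and a nonce). Assumptions: the derivation is the P_SHA1 expansion that WS-SecureConversation specifies, with the key taken at an offset and length from P_SHA1(secret, label + nonce), and "WS-SecureConversation" as the default label; the HMAC-SHA1 over the SHA-1 digest of the canonicalized part stands in for a full XML-DSIG SignedInfo/SignatureValue structure; the sample body is the TrafficStatus payload from the composable-headers slide, reflowed and tampered copies of it are constructed here. SHA-1 is used because it is what the 2002-era specifications use; a new deployment would choose a SHA-2 based algorithm suite.

```python
"""WS-SecureConversation style derived keys and WS-Security style protection of one
message part. Added example, not from the presentation; derivation and signature
shapes are simplified stand-ins for the XML structures the specs define."""
import base64
import hashlib
import hmac
import os
import xml.etree.ElementTree as ET

DEFAULT_LABEL = b"WS-SecureConversation"   # assumed default label


def p_sha1(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS-1.0 style P_SHA1: A(i) = HMAC(secret, A(i-1)), output HMAC(secret, A(i) + seed)."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha1).digest()
        out += hmac.new(secret, a + seed, hashlib.sha1).digest()
    return out[:length]


def derive_key(secret: bytes, nonce: bytes, label: bytes = DEFAULT_LABEL,
               offset: int = 0, length: int = 16) -> bytes:
    """Derived key = P_SHA1(secret, label + nonce)[offset : offset + length]."""
    return p_sha1(secret, label + nonce, offset + length)[offset:offset + length]


def canonical_digest(part_xml: str) -> bytes:
    """SHA-1 over the C14N form of the part, so whitespace and attribute-order
    differences introduced on the way do not break the signature."""
    c14n = ET.canonicalize(part_xml, strip_text=True)
    return hashlib.sha1(c14n.encode("utf-8")).digest()


def sign_part(part_xml: str, key: bytes) -> str:
    """Base64 HMAC-SHA1 over the part's canonical digest (stand-in for SignatureValue)."""
    return base64.b64encode(hmac.new(key, canonical_digest(part_xml), hashlib.sha1).digest()).decode()


def verify_part(part_xml: str, key: bytes, signature_b64: str) -> bool:
    expected = hmac.new(key, canonical_digest(part_xml), hashlib.sha1).digest()
    return hmac.compare_digest(expected, base64.b64decode(signature_b64))


# Constructed sample part: the TrafficStatus body from the composable-headers slide.
BODY = """<app:TrafficStatus xmlns:app="http://highwaymon.org/payloads">
  <road>520W</road><speed>3MPH</speed>
</app:TrafficStatus>"""
BODY_REFLOWED = ('<app:TrafficStatus xmlns:app="http://highwaymon.org/payloads">'
                 '<road>520W</road>\n  <speed>3MPH</speed></app:TrafficStatus>')
BODY_TAMPERED = BODY.replace("3MPH", "30MPH")


def demo(secret=None, nonce1=None, nonce2=None):
    """Sign BODY under the key derived for message 1; returns
    (verified, reflowed_ok, tampered_ok, cross_key_ok)."""
    secret = secret or os.urandom(32)     # the SCT secret established earlier
    nonce1 = nonce1 or os.urandom(16)     # fresh nonce per message, as the slides recommend
    nonce2 = nonce2 or os.urandom(16)
    dk1 = derive_key(secret, nonce1)
    dk2 = derive_key(secret, nonce2)
    sig = sign_part(BODY, dk1)
    return (verify_part(BODY, dk1, sig),            # True: receiver derives dk1 from the same nonce
            verify_part(BODY_REFLOWED, dk1, sig),   # True: canonicalization absorbs the reflow
            verify_part(BODY_TAMPERED, dk1, sig),   # False: content changed
            verify_part(BODY, dk2, sig))            # False: different nonce, different key


if __name__ == "__main__":
    print(demo())
```

The receiver never needs dk1 sent to it: the derived key token in the real message carries only the SCT reference, the nonce, the offset and the length, and the receiver recomputes the same key from the context secret it already holds. Deriving a fresh key per message is what limits how much data any single key covers.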
WS-SecurityPolicy
A set of policy assertions related to concepts defined by the other WS-Sec* specs
Allows participants to specify
  Token types
  Whether integrity and/or confidentiality are required
  Algorithms for the above
  Which message parts need signing/encrypting
WS-Federation
"Single Sign-On" access across trust domains using identities from the different domains
WS-Federation defines a model for this, building on the WS-* security specifications:
  Model for trust
  Sign-out messages
  Attribute service
  Pseudonym service
One Protocol, Multiple Bindings
Common protocol (WS-Trust)
Two "profiles" of the model are defined
  Smart/Active clients (SOAP)
  Passive clients (browser, HTTP/S)
Supporting services (attribute/pseudonym/…)
(Diagram: one Security Token Service behind both an HTTP receiver, for HTTP messages from passive clients, and a SOAP receiver, for SOAP messages from active clients)
Trust Topologies
Federation approach must address different trust topologies
Model existing business practices
  Leverage existing infrastructure
Sample topologies
  Direct trust
    Exchange
    Validation
  Indirect trust
  Delegation
Direct Trust: Token Exchange
(Diagram: 1. get identity token from the requester's trust service; 2. exchange it for an access token at the target's trust service, which trusts the first; 3. present the access token to the target)
Direct Trust: Token Validation
[Diagram: trust relationships between the parties; numbered steps 1-3 including “Get identity token” and “Get access verification”]
Indirect Trust
C trusts B which vouches for A who vouches for client
[Diagram: chain of trust relationships between the client, A, B and C; steps 1-2]
Delegation
[Diagram: trust relationships between the parties; delegation steps 1-5]
Single Sign-Out
[Diagram: a sign-out request (step 1) followed by sign-out messages (step 2) to each of the other parties]
Attribute Service
Scenario: You ask a weather service for the current weather (or visit a weather site); it provides a personalized response because it knows your zip code
Why it worked:
- Policy indicated an attribute service
- Identity information was used to find zip code
- Weather service was authorized to access zip code
Specification defines the concept of an attribute service but not a specific interface
Attribute Scoping
Model allows for attributes to be scoped
[Diagram: per-domain attribute sets for fabrikam123.com, business456.com and example.com, e.g. Zip: 12309, FN: Fred, ID: 3442; Nick: Freddo, ID: FJ454; Nick: Fredster, ID: 3-55-34; …]
Attribute Discovery
Open design model:
- Any attribute store can be used
- Integration with legacy systems
Discovery via policy:
- Requestor’s policy → attribute service
- Attribute service has its own policy
- Communication governed by this policy
UDDI is an example store
Attribute Discovery
[Diagram: each party publishes policy; steps 1-4 locate the attribute service and request an attribute (“Get FN”)]
Attribute Example
[Diagram: trust relationships; steps 1-4 retrieve the attributes Zip: 12309, FN: Fred, …]
Protecting Identity
Single sign-on also needs to:
- Prevent collusion
- Provide anonymity
Other forms of collusion still exist:
- Address
- Phone number
- Credit card
- Social security number
Pseudonym Service
This service provides a mechanism for associating alternate identities
Pseudonyms represent alternate identities:
- Scoped by a domain expression
- Subject to authorization control
- Can be accessed by authorized services
- Can be integrated with IP/STS
Pseudonym Discovery
[Diagram: each party publishes policy; steps 1-4 locate the pseudonym service; trust relationship between the parties]

Pseudonym Example 1
Service sets pseudonym for its domain
[Diagram: trust relationship; steps 1-3; mappings “Fred” → “A123” and “A123” → “Freddo”; “A123”]
Pseudonym Example 2
Service fetches pseudonym for its domain
[Diagram: trust relationship; steps 1-3; mappings “Fred” → “B456” and “B456” → “Freddo”; “B456”]
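A small domain-scoped store that ties the Attribute Scoping slide to Pseudonym Examples 1 and 2 above. It is an added example, not the presentation's code and not an interface from the specification (which defines the concept of the service but no specific interface): every attribute and pseudonym is keyed by (subject, scope), each scope has its own list of authorized services, and a service in one domain cannot read another domain's pseudonym, which is what keeps two sites from colluding to link the subject. The domain names and the values Zip: 12309, FN: Fred, A123 and B456 are the slides' sample data; the service identities (weather.fabrikam123.com and so on) and the example.com pseudonym are constructed for the demo.

```python
class ScopedIdentityStore:
    """Attributes and pseudonyms held per (subject, scope); each scope has its own authorized readers."""

    def __init__(self):
        self._attributes = {}   # (subject, scope) -> {name: value}
        self._pseudonyms = {}   # (subject, scope) -> pseudonym
        self._acl = {}          # scope -> services authorized to read or set within it

    def authorize(self, scope, service):
        self._acl.setdefault(scope, set()).add(service)

    def is_authorized(self, scope, service):
        return service in self._acl.get(scope, set())

    def _check(self, scope, service):
        if not self.is_authorized(scope, service):
            raise PermissionError(f"{service} is not authorized for scope {scope}")

    def set_attribute(self, subject, scope, name, value, service):
        self._check(scope, service)
        self._attributes.setdefault((subject, scope), {})[name] = value

    def get_attribute(self, subject, scope, name, service):
        self._check(scope, service)
        return self._attributes.get((subject, scope), {}).get(name)

    def set_pseudonym(self, subject, scope, pseudonym, service):
        """Pseudonym Example 1: the service sets the pseudonym for its own domain."""
        self._check(scope, service)
        self._pseudonyms[(subject, scope)] = pseudonym

    def get_pseudonym(self, subject, scope, service):
        """Pseudonym Example 2: the service fetches the pseudonym for its domain."""
        self._check(scope, service)
        return self._pseudonyms.get((subject, scope))

    def correlatable(self, subject, scope_a, scope_b):
        """True if two domains hold the same pseudonym, i.e. they could collude to link the subject."""
        a = self._pseudonyms.get((subject, scope_a))
        b = self._pseudonyms.get((subject, scope_b))
        return a is not None and a == b


def cross_domain_lookup(store, subject, scope, service):
    """Attempt a read against some scope; returns the value, or the denial reason as a string."""
    try:
        return store.get_pseudonym(subject, scope, service)
    except PermissionError as err:
        return str(err)


def build_demo_store():
    """Populate the store with the slides' sample data under constructed service identities."""
    store = ScopedIdentityStore()
    store.authorize("fabrikam123.com", "weather.fabrikam123.com")   # constructed services
    store.authorize("business456.com", "portal.business456.com")
    store.authorize("example.com", "shop.example.com")
    # fabrikam123.com attributes for Fred (values from the Attribute Scoping slide)
    store.set_attribute("Fred", "fabrikam123.com", "Zip", "12309", "weather.fabrikam123.com")
    store.set_attribute("Fred", "fabrikam123.com", "FN", "Fred", "weather.fabrikam123.com")
    # one pseudonym per domain, as in Pseudonym Examples 1 and 2 (the example.com value is constructed)
    store.set_pseudonym("Fred", "fabrikam123.com", "A123", "weather.fabrikam123.com")
    store.set_pseudonym("Fred", "business456.com", "B456", "portal.business456.com")
    store.set_pseudonym("Fred", "example.com", "Fredster", "shop.example.com")
    return store
```

The authorization check sits on every accessor rather than on the caller, so an integration with an IP/STS (Example 3 on the next slides) gets the same scoping for free: the STS asks for the pseudonym in the scope of the request and receives only what that scope is allowed to see.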
Pseudonym/STS Integration
Pseudonym & STS can work together:
- Single physical service
- Separate but tightly coupled services
Scope of request selects pseudonym

Pseudonym Example 3
Use pseudonyms to obtain initial token
[Diagram: token request; trust relationship; steps 1-3; mapping “Fred” → “Freddo”; the pseudonym “Freddo” appears in the token request]
Federation Discovery Recap
[Diagram: recap of policy-driven discovery across the participating services]
Active (Smart Client) Profile
Describes options with SOAP clients
Allows rich caching
Varied models based on policy:
- Business needs
- Inter-organization
- Regulations
Strong authentication of all requests
Example Flow (SOAP)
Participants: Requesting Service, Requestor’s IP/STS, Target Service, Target’s IP/STS
1. Acquire policy
2. Request token (from requestor’s IP/STS)
3. Return token
4. Request token (from target’s IP/STS)
5. Return token
6. Send secured request
7. Return secured response
Passive Profile
Describes options with browsers:
- Pure redirect with GET
- URL-only
- POST body
Uses redirection to effect messages
Tunnels WS-Trust messages:
- Implicitly
- Explicitly
Allows custom caching mechanisms
Example Flow (Browser)
Participants: Requesting Browser, Requestor’s IP/STS, Target Resource, Target’s IP/STS
1. Get resource
2. Detect realm
3. Redirect to resource’s IP/STS
4. Redirect to requestor’s IP/STS
5. Login
6. Return identity token
7. Return resource token
8. Return secured response
Federating Security: Summary
Generic token acquisition
- Enables different trust topologies
Integrates with existing infrastructures
- Business model
- Token formats
- Attribute stores
- Directory services
Federating Security: Summary
Identity Protection and Privacy
- Varying levels supported
- Allows true anonymity
- Supports multiple privacy languages
- Rich privacy options
End-to-end, no HTTPS required
Public review and participation
Free to implement
Federating Security: Summary
Together with the other WS-* specifications, provides a rich fabric for building secure, reliable, transacted systems across federation boundaries
SOAP composability model allows layering of vertical and value-add applications and protocols

Reliable Messaging
[Diagram: WS-* stack (Security, Reliable Messaging, SOAP Messaging, Policy) with Reliable Messaging highlighted]
WS-ReliableMessaging
End-to-end delivery of messages with specific quality-of-service characteristics between two parties
- Identification of sequences of messages
- Specification of delivery assurances: At most once, Exactly once, and In-order delivery
- From initial sender, through 0-n intermediaries to ultimate receiver
- No restriction on the number of in-flight messages
- Transport-independent
- Integrated with WS-* security mechanisms
WS-ReliableMessaging
[Diagram: sender transmits message #1 and message #2, retransmits message #1, receives “Acknowledge #1-2”, …, sends message #3; range bookkeeping on both sides shown as 1-4 / 1-2 and 1-3 / 1-2]
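A worked receiver for the exchange sketched above, added here as an example rather than taken from the slides or the WS-ReliableMessaging specification. It tracks the message numbers delivered for one sequence, acknowledges the retransmitted #1 without handing it to the application a second time (exactly once), releases messages only in order, and emits the SequenceAcknowledgement element with Upper/Lower ranges in the shape the later Warehouse → Supplier message uses; a sender-side helper turns those ranges back into the list of numbers to retransmit (the 1-4 versus 1-2 bookkeeping in the diagram). The sequence identifier is the one from the Supplier → Warehouse slide; the payload strings and the out-of-order message #5 are constructed.

```python
import xml.etree.ElementTree as ET


class SequenceReceiver:
    """Receiver state for one WS-RM sequence with exactly-once, in-order delivery."""

    def __init__(self, identifier):
        self.identifier = identifier
        self.received = set()      # message numbers acknowledged so far
        self.delivered = []        # payloads handed to the application, in order
        self.next_in_order = 1     # lowest number not yet delivered
        self.pending = {}          # out-of-order messages waiting for the gap to close

    def receive(self, message_number, payload):
        """Accept one message; returns False for a duplicate (it is re-acked, never redelivered)."""
        if message_number < 1:
            raise ValueError("MessageNumber must be >= 1")
        if message_number in self.received:
            return False
        self.received.add(message_number)
        self.pending[message_number] = payload
        # In-order assurance: release only the contiguous run starting at next_in_order.
        while self.next_in_order in self.pending:
            self.delivered.append(self.pending.pop(self.next_in_order))
            self.next_in_order += 1
        return True

    def ack_ranges(self):
        """Collapse received numbers into (Lower, Upper) ranges, as WS-RM acknowledgements do."""
        ranges = []
        for n in sorted(self.received):
            if ranges and ranges[-1][1] == n - 1:
                ranges[-1] = (ranges[-1][0], n)
            else:
                ranges.append((n, n))
        return ranges

    def acknowledgement_xml(self):
        """Build the SequenceAcknowledgement header element (namespaces omitted as on the slides)."""
        ack = ET.Element("SequenceAcknowledgement")
        ET.SubElement(ack, "Identifier").text = self.identifier
        for lower, upper in self.ack_ranges():
            ET.SubElement(ack, "AcknowledgementRange", Upper=str(upper), Lower=str(lower))
        return ET.tostring(ack, encoding="unicode")


def needs_retransmit(highest_sent, ack_ranges):
    """Sender side: message numbers up to highest_sent that the acknowledgement does not cover."""
    acked = {n for lower, upper in ack_ranges for n in range(lower, upper + 1)}
    return [n for n in range(1, highest_sent + 1) if n not in acked]


def run_slide_exchange():
    """Replay the diagram: #1, #2, #1 retransmitted, #3, then a constructed #5 arriving before #4."""
    rx = SequenceReceiver("uuid:1c6122f0-36c5-457c-9318-d1b01424469d")   # identifier from the slides
    rx.receive(1, "PO-1")
    rx.receive(2, "PO-2")
    duplicate_accepted = rx.receive(1, "PO-1")    # retransmission of #1: acked again, not delivered again
    rx.receive(3, "PO-3")
    rx.receive(5, "PO-5")                          # constructed gap: #4 is still in flight
    return rx, duplicate_accepted
```

Because the acknowledgement is derived from the receiver's own `received` set rather than from what the sender claims, a forged or replayed message cannot advance the delivered position past a gap; it can only be ignored as a duplicate or parked until the real predecessor arrives.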
Transactions
[Diagram: WS-* stack (Security, Coordination, SOAP Messaging, Policy) with Atomic Transactions and Business Activities on top]
WS-Coordination
Defines protocols to create an activity and to register with an activity
These operations are the key mechanism to coordinate activities between Web Services
They enable “wiring together” Web Services
Behaviors have URIs
Good for P2P and for coordinated services
WS-AtomicTransaction
The “good old” ACID ones …
Completion – initiates commitment processing beginning with volatile 2PC and then durable 2PC
Two-Phase Commit (2PC):
- Volatile 2PC – participants managing volatile resources such as a cache should register for this one
- Durable 2PC – participants managing durable resources such as a DB should register for this one
WS-BusinessActivities
Based on the open-nested transaction model with compensating actions
Establishes a parent-child agreement:
- A protocol for coordination agreement
- Analogous to Robert’s Rules of Order for parliamentary procedures but much simpler
AT/BA only differ in the ability of the child to unilaterally know when the “unit of work” is complete
WS-BusinessActivities
Captures application-level interactions
- Provides for full encapsulation of autonomous activities
- Get the pesky fiefdoms to work together
Supports the possibility that a unit of work is not completed and that a “business exception” is to be generated
Enables uniform failure recovery
Requires that participants record in stable store all the agreement coordination protocol state transitions
Summary
Composable complete solution for interoperable secure, reliable, transacted services
General-purpose
Works with existing infrastructure
Integrated into products from the leading system, application, & security vendors
Enables single sign-on
Increases your business flexibility and reduces your risk
Agenda
Web Services Overview
Example Scenario
Specification Summary
Federation Drilldown
- How is Federation Accomplished?
- Sample Flows Revisited
- Demonstration of messages
Scenario Review
[Diagram: domains Dealer, Manufacturing, Warehouse, Roaming and Supplier; participants Heather, Tony, two Identity Providers, an Authorization Service, Order Service, Inventory Service, Warehouse Service with Warehouse 1 and Warehouse 2, a Transaction Coordinator, two Coordinators and two Storage systems]
How is Federation Accomplished? – Trust
Direct Trusts:
- Manufacturer trusts dealer for identity
- Manufacturer trusts dealer to assert rights
Token Exchange:
- Manufacturer exchanges dealer token
Brokered Trust:
- Supplier trusts manufacturer on identity
- Warehouse trusts supplier on identity
How is Federation Accomplished? – Mechanism
Token Request:
- WS-Trust protocol is used
- Either SOAP or HTTP binding
- Can issue, exchange, or authenticate using the same protocol
- Independent of any token type
Message Security:
- WS-Security is used to affix/prove tokens
How is Federation Accomplished? – Composition
Security information orthogonal:
- Composes with Transactions
- Composes with Reliable Messaging
Multiple security credentials allowed:
- Identity tokens
- Authorization tokens
- Attribute tokens
- Etc.
How is Federation Accomplished? – Models Business Needs
Integrates with existing systems:
- X.509
- Kerberos
- Username/password
- SAML
- Custom
- Etc.
Flexible format allows different trust models to mirror business process
Sample Flows Revisited
Heather logs in
Heather logs out
Tony logs in
Back-end system processes order
Heather – Example Login
[Diagram: scenario overview with steps 1-4 marked]
Heather – Example Login
Heather accesses dealer portal
She is redirected to a login page
She enters her information and POSTs
A cookie is saved with her ID
She is redirected back to the portal
The cookie authorizes her to the portal
Heather – Example Login
GET /Dealer/portal
302 → /Dealer/login
POST /Dealer/login
POST /Dealer/portal (uses script to generate POST)
Heather – Example Login
Heather accesses the manufacturer site
She has no credentials at the site
She is redirected to the authz server
The authz server doesn’t know her
She is redirected to her login site
Her ID is returned (e.g. as SAML token)
Authz server saves ID in cookie
Authz server creates custom token
She is redirected to manufacturer site
Heather – Example Login
GET /Manufacturer/portal
302 → /Manufacturer/authz
302 → /Dealer/login (redirect could be based on selection, policy, source address, etc.)
POST /Manufacturer/authz
POST /Manufacturer/portal
200 Portal page
Heather – Example Logout
[Diagram: scenario overview with steps 1-4 marked]
Heather – Example Logout
Heather logs out of manufacturer site
- Cleans up state at that manufacturer portal
She is redirected to authz site
- Cleans up state at that authz site
May or may not choose to redirect to issuing site
- Cleans up state at dealer login site
Give an “all clear” indicator
Heather – Example Logout
GET /Manufacturer/logout
302 → /Manufacturer/authz/logout
302 → /Dealer/logout
200 Logout notification
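A simulation of Heather's three passive-profile flows (dealer login, manufacturer single sign-on, single sign-out) in a single script, added here as an example; it is not code from the presentation or from any WS-Federation implementation. The paths are the ones on the slides (/Dealer/login, /Manufacturer/authz, /Manufacturer/portal, the logout chain). Everything else is constructed: the cookie names Dealer, Authz and Manufacturer, the keys, Heather's credentials, the "sub=…;aud=…" plus HMAC-SHA256 token format standing in for the SAML and custom tokens, and the return_to/next parameters that carry where to post the token (the real profile carries that in WS-Federation query parameters). The in-process "browser" follows 302s and script-generated POSTs and records every request, so the trace can be compared against the slides' request lists; tokens are bound to an audience, which is what stops the dealer's ID cookie from being replayed as a manufacturer portal token.

```python
import hashlib
import hmac

# Constructed for the demo: signing keys and the dealer IdP's credential store.
DEALER_KEY = b"dealer-idp-demo-key"
AUTHZ_KEY = b"manufacturer-authz-demo-key"
USERS = {"heather": "correct horse battery staple"}

def sign(key, subject, audience):
    """'sub=...;aud=...' plus an HMAC-SHA256 tag: a stand-in for the slides' SAML/custom tokens."""
    claims = f"sub={subject};aud={audience}"
    return claims + "." + hmac.new(key, claims.encode(), hashlib.sha256).hexdigest()

def verify(key, token, audience):
    """Return the subject if the tag checks out and the token was minted for this audience."""
    claims, _, mac = token.rpartition(".")
    good = hmac.new(key, claims.encode(), hashlib.sha256).hexdigest()
    if not claims or not hmac.compare_digest(good, mac):
        return None
    fields = dict(kv.split("=", 1) for kv in claims.split(";"))
    return fields.get("sub") if fields.get("aud") == audience else None

class Browser:
    """Keeps per-site cookies, follows 302s and script-generated POSTs, records the trace."""
    def __init__(self, credentials):
        self.credentials, self.cookies, self.trace = credentials, {}, []

    def request(self, method, path, params=None):
        status, location, body = ROUTES[path](self, method, params or {})
        self.trace.append((method, path, status))
        if status == 302:
            return self.request("GET", *location)
        if isinstance(body, dict) and "login_form" in body:    # she enters her information and POSTs
            return self.request("POST", path, {**body["login_form"], **self.credentials})
        if isinstance(body, dict) and "auto_post" in body:     # "uses script to generate POST"
            return self.request("POST", body["auto_post"], body["fields"])
        return status, body

def dealer_login(b, method, p):
    """Dealer IdP: once she has logged in, her ID comes straight from the cookie (single sign-on)."""
    subject = verify(DEALER_KEY, b.cookies.get("Dealer", ""), "dealer")
    if subject is None:
        if method == "GET":
            return 200, None, {"login_form": {"return_to": p["return_to"], "next": p.get("next", "")}}
        if USERS.get(p.get("user")) != p.get("password"):
            return 401, None, "bad credentials"
        subject = p["user"]
        b.cookies["Dealer"] = sign(DEALER_KEY, subject, "dealer")       # "a cookie is saved with her ID"
    id_token = sign(DEALER_KEY, subject, p["return_to"])                 # audience = the site that asked
    return 200, None, {"auto_post": p["return_to"], "fields": {"id_token": id_token, "next": p.get("next", "")}}

def dealer_portal(b, method, p):
    if verify(DEALER_KEY, b.cookies.get("Dealer", ""), "dealer"):
        return 200, None, "dealer portal"
    return 302, ("/Dealer/login", {"return_to": "/Dealer/portal"}), None

def manufacturer_authz(b, method, p):
    """Authz server: accepts its own cookie or a freshly posted dealer ID token, else sends her home."""
    subject = (verify(AUTHZ_KEY, b.cookies.get("Authz", ""), "authz")
               or verify(DEALER_KEY, p.get("id_token", ""), "/Manufacturer/authz"))
    target = p.get("next") or "/Manufacturer/portal"
    if subject is None:                                                  # "the authz server doesn't know her"
        return 302, ("/Dealer/login", {"return_to": "/Manufacturer/authz", "next": target}), None
    b.cookies["Authz"] = sign(AUTHZ_KEY, subject, "authz")               # "saves ID in cookie"
    custom_token = sign(AUTHZ_KEY, subject, target)                       # "creates custom token"
    return 200, None, {"auto_post": target, "fields": {"token": custom_token}}

def manufacturer_portal(b, method, p):
    token = p.get("token") or b.cookies.get("Manufacturer", "")
    if verify(AUTHZ_KEY, token, "/Manufacturer/portal"):
        b.cookies["Manufacturer"] = token
        return 200, None, "portal page"
    return 302, ("/Manufacturer/authz", {"next": "/Manufacturer/portal"}), None

def manufacturer_logout(b, method, p):
    b.cookies.pop("Manufacturer", None)                   # clean up portal state
    return 302, ("/Manufacturer/authz/logout", {}), None

def authz_logout(b, method, p):
    b.cookies.pop("Authz", None)                          # clean up authz state
    return 302, ("/Dealer/logout", {}), None              # may or may not go on to the issuing site

def dealer_logout(b, method, p):
    b.cookies.pop("Dealer", None)                         # clean up dealer login state
    return 200, None, "logout notification"               # the "all clear"

ROUTES = {"/Dealer/login": dealer_login, "/Dealer/portal": dealer_portal, "/Dealer/logout": dealer_logout,
          "/Manufacturer/authz": manufacturer_authz, "/Manufacturer/portal": manufacturer_portal,
          "/Manufacturer/logout": manufacturer_logout, "/Manufacturer/authz/logout": authz_logout}

def heather_session():
    """Replay the slides: dealer login, manufacturer single sign-on, then single sign-out."""
    b = Browser({"user": "heather", "password": USERS["heather"]})
    results = [b.request("GET", "/Dealer/portal"),
               b.request("GET", "/Manufacturer/portal"),
               b.request("GET", "/Manufacturer/logout")]
    return b, results
```

Two things worth noticing when reading the trace: the second visit to /Dealer/login never shows a login form, because the dealer cookie already proves who she is, and after the logout chain every cookie is gone, so a fourth request to the manufacturer would start the whole redirect dance again, including the credential prompt.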
Tony – Example Login
[Diagram: scenario overview with steps 1-2 marked]
Assumes policies are known/cached
Tony – Example Login
Tony sends request to identity provider at home company for token
IP returns an ID token (e.g. SAML)
Tony presents ID token to authorization service at dealer
Federation trust accepts ID token
Authorization token is returned
Authorization token is provided (and proved) on messages to dealer services
Token Request
<Envelope>
  <Header>
    <MessageID>uuid:eda82a93-6c56-4c94-818d-44210f085f2c</MessageID>
    <Action>…/RequestSecurityToken</Action>
    <From>…</From>
    <To>…</To>
    <Security>
      <Timestamp>
        <Created>2003-10-11T00:37:45Z</Created>
      </Timestamp>
      <SecurityContextToken Id="sct">…</SecurityContextToken>
      <Signature>…</Signature>
      <UsernameToken Id="userid">…</UsernameToken>
    </Security>
  </Header>
  <Body>
    <RequestSecurityToken>
      <TokenType>saml:Assertion</TokenType>
      <RequestType>wsse:ReqIssue</RequestType>
      <Base><Address URI="#userid"/></Base>
    </RequestSecurityToken>
  </Body>
</Envelope>
Token Response
<Envelope>
  <Header>
    <MessageID>uuid:drt82a93-6c56-4c94-818d-44310f085f2c</MessageID>
    <Action>…/RequestSecurityTokenResponse</Action>
    <From>…</From>
    <To>…</To>
    <Security>
      <Timestamp>
        <Created>2003-10-11T00:37:55Z</Created>
      </Timestamp>
      <SecurityContextToken Id="sct">…</SecurityContextToken>
      <Signature>…</Signature>
    </Security>
  </Header>
  <Body>
    <RequestSecurityTokenResponse>
      <RequestedSecurityToken>
        <saml:Assertion>…</saml:Assertion>
      </RequestedSecurityToken>
      <RequestedProofToken>…</RequestedProofToken>
    </RequestSecurityTokenResponse>
  </Body>
</Envelope>
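Steps 1 and 2 of Tony's login as code: build the RequestSecurityToken above and check the RequestSecurityTokenResponse before trusting the token it carries. This is an added example, not the presentation's code and not a WS-Trust library; it keeps the slides' element names without namespaces, except that the constructed sample response declares the saml prefix (SAML 1.0 assertion namespace) because an XML parser rejects an undeclared prefix. The checks are the ones a relying party wants before using a freshly issued token: the response is timestamped and signed, the timestamp lies within a freshness window, and the element inside RequestedSecurityToken is the token type that was asked for. Signature verification itself needs the issuer's key and an XML-DSig implementation and is only checked for presence here; the AssertionID and proof-token values in the sample are constructed.

```python
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

SAML_NS = "urn:oasis:names:tc:SAML:1.0:assertion"            # SAML 1.0 assertion namespace
TOKEN_TYPES = {"saml:Assertion": f"{{{SAML_NS}}}Assertion"}   # TokenType QName -> element tag


def build_rst(token_type, base_token_id, created):
    """Build the RequestSecurityToken envelope of the slide (namespaces omitted as there)."""
    env = ET.Element("Envelope")
    hdr = ET.SubElement(env, "Header")
    ET.SubElement(hdr, "MessageID").text = "uuid:" + str(uuid.uuid4())
    ET.SubElement(hdr, "Action").text = ".../RequestSecurityToken"
    sec = ET.SubElement(hdr, "Security")
    ET.SubElement(ET.SubElement(sec, "Timestamp"), "Created").text = created.strftime("%Y-%m-%dT%H:%M:%SZ")
    ET.SubElement(sec, "UsernameToken", Id=base_token_id).text = "..."   # credentials elided
    rst = ET.SubElement(ET.SubElement(env, "Body"), "RequestSecurityToken")
    ET.SubElement(rst, "TokenType").text = token_type
    ET.SubElement(rst, "RequestType").text = "wsse:ReqIssue"
    ET.SubElement(ET.SubElement(rst, "Base"), "Address", URI="#" + base_token_id)   # which token to issue for
    return ET.tostring(env, encoding="unicode")


def validate_rstr(xml_text, expected_token_type, now, max_skew=timedelta(minutes=5)):
    """Check a RequestSecurityTokenResponse; returns {"ok": True, ...} or {"ok": False, "reason": ...}."""
    env = ET.fromstring(xml_text)
    sec = env.find("Header/Security")
    created = sec.findtext("Timestamp/Created") if sec is not None else None
    if created is None or sec.find("Signature") is None:
        return {"ok": False, "reason": "response lacks Timestamp or Signature"}
    created_at = datetime.strptime(created, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    if abs(now - created_at) > max_skew:                       # stale or replayed response
        return {"ok": False, "reason": f"timestamp {created} outside the {max_skew} window"}
    rstr = env.find("Body/RequestSecurityTokenResponse")
    token = rstr.find("RequestedSecurityToken/*") if rstr is not None else None
    if token is None or token.tag != TOKEN_TYPES[expected_token_type]:
        got = None if token is None else token.tag
        return {"ok": False, "reason": f"requested {expected_token_type}, got {got}"}
    return {"ok": True, "token_id": token.get("AssertionID"), "proof": rstr.findtext("RequestedProofToken")}


# Constructed response in the shape of the Token Response slide; assertion body elided.
SAMPLE_RSTR = f"""<Envelope xmlns:saml="{SAML_NS}">
  <Header>
    <MessageID>uuid:drt82a93-6c56-4c94-818d-44310f085f2c</MessageID>
    <Action>.../RequestSecurityTokenResponse</Action>
    <Security>
      <Timestamp><Created>2003-10-11T00:37:55Z</Created></Timestamp>
      <SecurityContextToken Id="sct">...</SecurityContextToken>
      <Signature>...</Signature>
    </Security>
  </Header>
  <Body>
    <RequestSecurityTokenResponse>
      <RequestedSecurityToken>
        <saml:Assertion AssertionID="constructed-assertion-1">...</saml:Assertion>
      </RequestedSecurityToken>
      <RequestedProofToken>constructed-proof-key</RequestedProofToken>
    </RequestSecurityTokenResponse>
  </Body>
</Envelope>"""


def tony_exchange():
    """Tony's steps 1-2: send an RST to his IP/STS and validate the RSTR, fresh and then replayed."""
    request_time = datetime(2003, 10, 11, 0, 37, 45, tzinfo=timezone.utc)   # Created on the slide
    rst = build_rst("saml:Assertion", "userid", request_time)
    fresh = validate_rstr(SAMPLE_RSTR, "saml:Assertion", now=request_time + timedelta(seconds=15))
    replayed = validate_rstr(SAMPLE_RSTR, "saml:Assertion", now=request_time + timedelta(hours=2))
    return rst, fresh, replayed
```

The same validator applies unchanged to step 3 of the SOAP flow, where the dealer's authorization service answers with an authorization token: only `expected_token_type` and the entry in `TOKEN_TYPES` change.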
Backend Processing
[Diagram: scenario overview with steps 1-5 marked]
Backend Processing
Tony sends message to manufacturer
- Secured with authorization token
Manufacturer sends message to supplier
- Secured with service/context token
Supplier sends message to warehouse
- Secured with service/context token
- Uses reliability context
Warehouse sends messages to stores
- Secured with service/context token
- Uses reliability context
- Uses transaction context
Initial Request
<Envelope>
  <Header>
    <MessageID>uuid:eda82a93-6c56-4c94-818d-44210f085f2c</MessageID>
    <Action>…/SubmitPO</Action>
    <From>…</From>
    <To>…</To>
    <Security>
      <Timestamp>
        <Created>2003-10-11T00:37:45Z</Created>
      </Timestamp>
      <saml:Assertion Id="sct">…</saml:Assertion>
      <Signature>…</Signature>
    </Security>
  </Header>
  <Body>
    <SubmitPO>…</SubmitPO>
  </Body>
</Envelope>
Manufacturer → Supplier
<Envelope>
  <Header>
    <MessageID>uuid:qwe95a93-6c56-4c94-818d-44210f085f2c</MessageID>
    <Action>…/SubmitPO</Action>
    <From>…</From>
    <To>…</To>
    <Security>
      <Timestamp>
        <Created>2003-10-11T00:37:55Z</Created>
      </Timestamp>
      <BinarySecurityToken Id="bst">…</BinarySecurityToken>
      <Signature>…</Signature>
    </Security>
  </Header>
  <Body>
    <SubmitPO>…</SubmitPO>
  </Body>
</Envelope>
Supplier → Warehouse
<Envelope>
  <Header>
    <MessageID>uuid:trw23a93-6c56-4c94-818d-44210f085f2c</MessageID>
    <Action>…/SubmitPO</Action>
    <From>…</From>
    <To>…</To>
    <Sequence>
      <Identifier>uuid:1c6122f0-36c5-457c-9318-d1b01424469d</Identifier>
      <MessageNumber>1</MessageNumber>
    </Sequence>
    <Security>
      <Timestamp>
        <Created>2003-10-11T00:38:05Z</Created>
      </Timestamp>
      <SecurityContextToken Id="sct">…</SecurityContextToken>
      <Signature>…</Signature>
    </Security>
  </Header>
  <Body>
    <SubmitPO>…</SubmitPO>
  </Body>
</Envelope>
Warehouse → Supplier
<Envelope>
  <Header>
    <MessageID>uuid:vhs05a93-6c56-4c94-818d-44210f085f2c</MessageID>
    <Action>…rm#SequenceAcknowledgement</Action>
    <From>…</From>
    <To>…</To>
    <SequenceAcknowledgement>
      <Identifier>uuid:24f122f0-36c5-457c-9318-d1b01424469d</Identifier>
      <AcknowledgementRange Upper="1" Lower="1"/>
    </SequenceAcknowledgement>
    <Security>
      <Timestamp>
        <Created>2003-10-11T00:38:41Z</Created>
      </Timestamp>
      <SecurityContextToken Id="sct">…</SecurityContextToken>
      <Signature>…</Signature>
    </Security>
  </Header>
  <Body/>
</Envelope>
Warehouse → Stores
<Envelope>
  <Header>
    <MessageID>uuid:trw23a93-6c56-4c94-818d-44210f085f2c</MessageID>
    <Action>…/SubmitPO</Action>
    <From>…</From>
    <To>…</To>
    <CoordinationContextType>
      <Expires>2003-10-10T17:41:51.4402976-07:00</Expires>
      <Identifier>uuid:03f09679-77c7-469e-8abd-993304299b76</Identifier>
      <CoordinationType>…/wsat</CoordinationType>
      <RegistrationService>…</RegistrationService>
      <IsolationLevel>Serializable</IsolationLevel>
      <Description>R2F0ZXM…</Description>
      <LocalTransactionId>03f09679-77c7-469</LocalTransactionId>
    </CoordinationContextType>
    <Sequence>
      <Identifier>uuid:7e3122f0-36c5-457c-9318-d1b01424469d</Identifier>
      <MessageNumber>1</MessageNumber>
    </Sequence>
    <Security>
      <Timestamp>
        <Created>2003-10-11T00:38:05Z</Created>
      </Timestamp>
      <SecurityContextToken Id="sct">…</SecurityContextToken>
      <Signature>…</Signature>
    </Security>
  </Header>
  <Body>
    <SubmitPO>…</SubmitPO>
  </Body>
</Envelope>
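The Backend Processing bullets say which context each hop must carry; the messages above show how those contexts sit side by side in one SOAP header. The following added example (not the presentation's code) turns the bullets into a per-hop policy table and checks a message against it: it summarizes the Security, Sequence and CoordinationContextType headers of an envelope and reports what is missing for the hop it claims to be on. The two sample envelopes are constructed from the Supplier → Warehouse and Warehouse → Stores slides (same element names and identifiers, payloads and signatures elided, namespaces omitted as on the slides); the policy table, including the note that the Manufacturer → Supplier sample carries a BinarySecurityToken where the bullet says service/context token, is my reading of the slide.

```python
import xml.etree.ElementTree as ET

TOKEN_ELEMENTS = {"SecurityContextToken", "BinarySecurityToken", "UsernameToken", "Assertion"}


def local_name(tag):
    """Strip a namespace prefix of the form {uri}name, if present."""
    return tag.rsplit("}", 1)[-1]


def inspect_envelope(xml_text):
    """Summarize the security, reliability and transaction headers of one envelope."""
    hdr = ET.fromstring(xml_text).find("Header")
    sec = hdr.find("Security")
    return {
        "action": hdr.findtext("Action"),
        "created": sec.findtext("Timestamp/Created") if sec is not None else None,
        "signed": sec is not None and sec.find("Signature") is not None,
        "tokens": [local_name(e.tag) for e in sec if local_name(e.tag) in TOKEN_ELEMENTS] if sec is not None else [],
        "sequence": hdr.findtext("Sequence/Identifier"),
        "message_number": hdr.findtext("Sequence/MessageNumber"),
        "coordination": hdr.findtext("CoordinationContextType/Identifier"),
        "coordination_type": hdr.findtext("CoordinationContextType/CoordinationType"),
    }


# Per-hop expectations, an encoding of the Backend Processing bullets (constructed for the demo).
HOP_POLICY = {
    "tony->manufacturer": {"tokens": {"Assertion"}, "reliable": False, "transacted": False},
    # bullet says service/context token; the slide's sample message carries a BinarySecurityToken
    "manufacturer->supplier": {"tokens": {"BinarySecurityToken", "SecurityContextToken"}, "reliable": False, "transacted": False},
    "supplier->warehouse": {"tokens": {"SecurityContextToken"}, "reliable": True, "transacted": False},
    "warehouse->stores": {"tokens": {"SecurityContextToken"}, "reliable": True, "transacted": True},
}


def check_hop(summary, policy):
    """Return the policy violations for one hop; an empty list means the contexts compose as required."""
    problems = []
    if not summary["signed"] or summary["created"] is None:
        problems.append("missing Timestamp or Signature")
    if not set(summary["tokens"]) & policy["tokens"]:
        problems.append(f"expected one of {sorted(policy['tokens'])}, got {summary['tokens']}")
    if policy["reliable"] and summary["sequence"] is None:
        problems.append("reliability context (Sequence) missing")
    if policy["transacted"] and summary["coordination"] is None:
        problems.append("transaction context (CoordinationContext) missing")
    return problems


# Constructed from the Supplier -> Warehouse slide (payload and signature elided).
SUPPLIER_TO_WAREHOUSE = """<Envelope><Header>
  <MessageID>uuid:trw23a93-6c56-4c94-818d-44210f085f2c</MessageID>
  <Action>.../SubmitPO</Action>
  <Sequence><Identifier>uuid:1c6122f0-36c5-457c-9318-d1b01424469d</Identifier>
    <MessageNumber>1</MessageNumber></Sequence>
  <Security><Timestamp><Created>2003-10-11T00:38:05Z</Created></Timestamp>
    <SecurityContextToken Id="sct">...</SecurityContextToken><Signature>...</Signature></Security>
</Header><Body><SubmitPO>...</SubmitPO></Body></Envelope>"""

# Constructed from the Warehouse -> Stores slide (coordination context abbreviated).
WAREHOUSE_TO_STORES = """<Envelope><Header>
  <MessageID>uuid:trw23a93-6c56-4c94-818d-44210f085f2c</MessageID>
  <Action>.../SubmitPO</Action>
  <CoordinationContextType>
    <Identifier>uuid:03f09679-77c7-469e-8abd-993304299b76</Identifier>
    <CoordinationType>.../wsat</CoordinationType>
    <IsolationLevel>Serializable</IsolationLevel>
  </CoordinationContextType>
  <Sequence><Identifier>uuid:7e3122f0-36c5-457c-9318-d1b01424469d</Identifier>
    <MessageNumber>1</MessageNumber></Sequence>
  <Security><Timestamp><Created>2003-10-11T00:38:05Z</Created></Timestamp>
    <SecurityContextToken Id="sct">...</SecurityContextToken><Signature>...</Signature></Security>
</Header><Body><SubmitPO>...</SubmitPO></Body></Envelope>"""


def audit_chain():
    """Check the two sample hops, then the stores hop fed a message that lacks its transaction context."""
    return {
        "supplier->warehouse": check_hop(inspect_envelope(SUPPLIER_TO_WAREHOUSE), HOP_POLICY["supplier->warehouse"]),
        "warehouse->stores": check_hop(inspect_envelope(WAREHOUSE_TO_STORES), HOP_POLICY["warehouse->stores"]),
        "warehouse->stores-untransacted": check_hop(inspect_envelope(SUPPLIER_TO_WAREHOUSE), HOP_POLICY["warehouse->stores"]),
    }
```

Because the three headers are independent elements, the check is purely additive: a hop that needs reliability and transactions is verified by asking for one more header, not by changing how the security header is read, which is the composability claim of the "How is Federation Accomplished? – Composition" slide.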
Backup

WS-Coordination – Example of Behaviors
The need is to establish a session
- B1: Three leg handshake: Hello, ACK of hello, ACK of ACK of hello
- B2: Fire and forget: Hello
The activity may also have a policy:
- If B2 then must use reliable messaging
- If using unreliable datagram messages then must use B1
Protocol: 2PC
[Figure AT5: 2PC Protocol State Diagram. States: Active, Preparing, Prepared, Committing, Aborting, Ended; messages: RegisterResponse, Prepare, Prepared, ReadOnly, Aborted, Commit, Committed, Rollback, each marked as participant generated or coordinator generated.]
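A participant-side state machine for the 2PC protocol of Figure AT5, added as an example; it is not the presentation's code and not a WS-AtomicTransaction implementation. The states and message names are those on the figure; the transition table is my reading of the standard WS-AT 2PC protocol (treat it as the example's assumption), with every transition journaled before it takes effect, as the WS-BusinessActivities slide requires of participants. A toy durable resource votes Prepared, ReadOnly or Aborted, and a minimal coordinator runs completion the way the WS-AtomicTransaction slide describes it: volatile participants first, then durable ones, followed by Commit or Rollback to everyone still in the protocol. The resource contents and the order/stock keys are constructed.

```python
COORDINATOR_MSGS = {"RegisterResponse", "Prepare", "Commit", "Rollback"}   # coordinator generated

# (state, message) -> next state. Assumed transitions following the usual WS-AT 2PC
# reading of the states and messages named in Figure AT5.
TRANSITIONS = {
    ("None", "RegisterResponse"): "Active",
    ("Active", "Prepare"): "Preparing",
    ("Active", "Rollback"): "Aborting",
    ("Preparing", "Prepared"): "Prepared",
    ("Preparing", "ReadOnly"): "Ended",
    ("Preparing", "Aborted"): "Ended",
    ("Prepared", "Commit"): "Committing",
    ("Prepared", "Rollback"): "Aborting",
    ("Committing", "Committed"): "Ended",
    ("Aborting", "Aborted"): "Ended",
}


class DurableResource:
    """Toy durable resource: stages one write at prepare time and applies it at commit."""
    def __init__(self, store, key, value, fail_prepare=False):
        self.store, self.key, self.value, self.fail_prepare = store, key, value, fail_prepare
        self.staged = None

    def prepare(self):
        if self.fail_prepare:
            return "Aborted"          # cannot guarantee the write: vote no
        if self.value is None:
            return "ReadOnly"         # nothing to write: drop out of the second phase
        self.staged = (self.key, self.value)
        return "Prepared"

    def commit(self):
        self.store[self.staged[0]] = self.staged[1]

    def rollback(self):
        self.staged = None


class Participant:
    """Participant side of Figure AT5; every transition is journaled before it takes effect."""
    def __init__(self, resource):
        self.resource, self.state, self.journal = resource, "None", []

    def accepts(self, message):
        return (self.state, message) in TRANSITIONS

    def _move(self, message, new_state):
        self.journal.append((self.state, message, new_state))   # stand-in for stable storage
        self.state = new_state

    def receive(self, message):
        """Apply a coordinator-generated message; return the participant-generated reply, if any."""
        if message not in COORDINATOR_MSGS or not self.accepts(message):
            raise ValueError(f"{message} is not valid in state {self.state}")
        self._move(message, TRANSITIONS[(self.state, message)])
        if self.state == "Preparing":
            vote = self.resource.prepare()                        # Prepared, ReadOnly or Aborted
            self._move(vote, TRANSITIONS[("Preparing", vote)])
            return vote
        if self.state == "Committing":
            self.resource.commit()
            self._move("Committed", "Ended")
            return "Committed"
        if self.state == "Aborting":
            self.resource.rollback()
            self._move("Aborted", "Ended")
            return "Aborted"
        return None


def coordinate(volatile, durable):
    """Completion as on the WS-AT slide: volatile 2PC first, then durable 2PC, then the outcome."""
    participants = list(volatile) + list(durable)
    for p in participants:
        p.receive("RegisterResponse")
    votes = []
    for p in participants:                    # phase 1, in registration-group order
        votes.append(p.receive("Prepare"))
        if votes[-1] == "Aborted":
            break                             # no point preparing the rest
    outcome_msg = "Rollback" if "Aborted" in votes else "Commit"
    for p in participants:                    # phase 2: only those still in the protocol
        if p.accepts(outcome_msg):
            p.receive(outcome_msg)
    return "Aborted" if outcome_msg == "Rollback" else "Committed"


def demo():
    """Two runs: everyone votes yes (one read-only); then a durable participant refuses to prepare."""
    cache, db = {}, {}
    ok = coordinate([Participant(DurableResource(cache, "po", "PO-1"))],
                    [Participant(DurableResource(db, "po", "PO-1")),
                     Participant(DurableResource(db, "stock", None))])
    cache2, db2 = {}, {}
    failed = coordinate([Participant(DurableResource(cache2, "po", "PO-2"))],
                        [Participant(DurableResource(db2, "po", "PO-2", fail_prepare=True))])
    return ok, cache, db, failed, cache2, db2
```

The `accepts` check is what makes the coordinator's second phase safe to run against a mixed set of participants: one that answered ReadOnly or Aborted is already Ended and is simply skipped, while a message that arrives in the wrong state is refused rather than applied, so the journal never records a transition the figure does not have.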