Apache SOAP signature architecture
Using the SOAP transport hook, you can plug-in the following security components:
- Signer
- Verifier, with logging capability
The transport hook is called the EnvelopeEditor. A PluggableEnvelopeEditor is also provided, which allows you to plug in your security components. As illustrated, the EnvelopeEditor is encapsulated in the SOAPTransport on the client side. On the server side, EnvelopeEditor is encapsulated in RPC/MessageRouterServlet. The same components can be used on either side.
When a client application sends a request, the request is signed and transmitted to the server. At the server side, the request is verified and delivered to a server application or, in the case of a Remote Procedure Call, to a Java object. The response is processed in the same manner. The verifier component also has a logging function to log the verified messages in a file. Signatures and verifier components are configurable. One can specify encryption, digest message algorithm, certificate path policy, and other security technologies.
See also: