# Thursday, October 30, 2003
WSV304: Indigo security tokens stop the PasswordProvider madness

Steve Millet is talking about the improvements in the Indigo model for security tokens.  The good news is that the madness has stopped: when a UsernameToken is validated you only need to return a bool rather than the password.  WSE 1.0 and 2.0 require the password to be returned allowing WSE to work out whether they match.   This was uncomfortable for several reasons, such as the fact the password might have been hashed, or just the fact that sharing the password back with the framework feels like a 'boundary violation'.  I'm glad that we're seeing the end of this bizarre API practice.

Other interesting tidbits were that SAML tokens will be available in Indigo.  Now, if they were only in WSE ...

Existing WSE/ASMX applications are likely to have a good upgrade path to Indigo, with similar security attributes.  There are also extensibility hooks in Indigo to do custom security token handling, so there's an upgrade path for WSE (though this is almost certainly having to write code).

.NET | PDC | Web Services
posted on Thursday, October 30, 2003 12:44:53 AM (GMT Standard Time, UTC+00:00)  #   
Related posts:
Office Server 2007: Can it help me write less code?
Server-side Excel: changing the face of financial apps?
Ray Ozzie: Services Disruption and the need for 'Client Server Service Synergy'
DDD3: Deadline for speaker submissions extended until Monday
DDD III on Sat 3 June: Call for Speakers!
I can see clearly now: NUnitAddin and NCoverBrowser
 Tracked by:
"valium" (valium) [Trackback]
"home insurance quotes" (home insurance quotes) [Trackback]
"Baccarat" (Baccarat) [Trackback]
"Internet Casinos" (Internet Casinos) [Trackback]
"House Insurance" (House Insurance) [Trackback]
"Slot Machines" (Slot Machines) [Trackback]
"Homeowner Insurance" (Homeowner Insurance) [Trackback]
"Slots Machines" (Slots Machines) [Trackback]
"SlotsMachines" (SlotsMachines) [Trackback]
"Home Owner Insurance" (Home Owner Insurance) [Trackback]
"Home Owner Insurence" (Home Owner Insurence) [Trackback]
"polistirene" (polistirene) [Trackback]
"scienze" (scienze) [Trackback]

Page rendered at Friday, September 03, 2010 7:55:04 AM (GMT Daylight Time, UTC+01:00)