Category Archives: security

Security Considerations in Firefox When Accessing Different Domains

Posted on December 22, 2008 by dimuthu

If you are a web developer you may have experienced that there are many situations that you need to access remote domains for data sources. For an example if you are building a weather mashup, you may like to connect … Continue reading →

Posted in firefox, javascript, security | Tagged domains, external domains, firefox, javascript, security | 1 Comment

Sending Encrypted Binary Messages With PHP Web Services

Posted on December 14, 2008 by dimuthu

Web services has made the communication between heterogeneous environments (say PHP with .NETÂ or Java) a reality. It has defines standards for communicate not only with texts but also with binaries. And more importantly you can keep these communication confidential … Continue reading →

Posted in php, security, SOA, Tutorial/Guide, web services, wsf/php, wso2 | Tagged Attachment, base64, encryption, MIME, mtom, policy, secuirty token, security | 2 Comments

WS-SecurityPolicy With PHP

Posted on November 19, 2008 by dimuthu

WS-SecurityPolicy specification defines standards for defining security policies for your web service. WSF/PHP allows you to declare your security policies according to these standards. You can take one of following approaches to associate policies to your web service or client. … Continue reading →

Posted in DataServices, php, REST, security, Tutorial/Guide, web services, WSDL, wsf/php, wso2, xml, xml schema | Tagged php, policy, ws-policy, ws-security, ws-security policy, WSDL, wsf/php | 14 Comments

Signing SOAP Headers In PHP Web Services

Posted on November 18, 2008 by dimuthu

Non-Repudiation and Integrity are two main security issues addressed by signing a message. If you are writing a web service or a service consumer in PHP you can use the WSF/PHP toolkit to sign messages. Here is how you can … Continue reading →

Posted in php, security, Tutorial/Guide, wsf/php, wso2 | Tagged message id, php, security, sign, signature, ws-addressing, ws-security, wsf/php | Leave a comment

Detect Replay Attacks In to Your PHP Web Service

Posted on November 17, 2008 by dimuthu

Replay attack is a common kind of attack, the hackers are using to break the security of a web service. If you can intercept one soap message while it is transferring through the wire, you can replay that message to … Continue reading →

Posted in php, security, Tutorial/Guide, web services, wsf/php, wso2 | Tagged php, replay detect, replay detection, security, web services, ws-security, wsf/php | 2 Comments

WSF/PHP Samples Explained

Posted on November 7, 2008 by dimuthu

Here is a simple categorization of the WSF/PHP samples. You can access all the wsf/php samples from http://labs.wso2.org/wsf/php/solutions/samples/index.html. Sample Category Example Client Source Code Example Service Source Code Online Demo Beginners echo_client.php echo_service.php Demo REST echo_client_rest.php echo_service_with_rest.php Demo WSDL Mode … Continue reading →

Posted in DataServices, php, REST, security, Tutorial/Guide, web services, WSDL, wsf/php, wso2 | Tagged beginners, code first, contract first, data services, mtom, php, reliable messaging, REST, samples, security, WSDL, wsf/php | Leave a comment

Demo on Providing PHP Web Service with Username Token

Posted on October 16, 2008 by dimuthu

WSF/PHP Demo Site contains number of applications that demonstrate the different features of WSO2 WSF/PHP in practice. Calendar Service is one of such application. It demonstrate the use of WSDL Mode for a service with different policies for different operations … Continue reading →

Posted in security, web services, WSDL, wsf/php, wso2 | Tagged Calendar, php, policies, WSDL, wsdl mode, wsf/php | Leave a comment

Test your SSL SOAP Client with an Online Service

Posted on October 7, 2008 by dimuthu

WSF/PHP Demo Site services can be accessed via https (Secured HTTP)Â transport. For an example you can access the echo service via https from https://2ec2.wso2.org/samples/echo_service.php endpoint. This can be used to identify whether you WSF/PHP instance is built with SSL … Continue reading →

Posted in security, Tutorial/Guide, web services, wsf/php, wso2 | Tagged CACert, demo site, endpoint, HTTPS, php, public | 4 Comments

Http Authentication for SOAP Messages in PHP – 2 Minutes Introduction

Posted on September 24, 2008 by dimuthu

Yesterday’s blog on “Using Username token in Authentication” I explained a standard way of authenting SOAP messages in Application layer (Message level Authentication). Anyway you can authenticate SOAP messages in transport level itself. For an example with HTTP Transport we … Continue reading →

Posted in 2 minutes guide, security, Tutorial/Guide, web services, wsf/php, wso2 | Tagged 2 minutes, authentication, basic, HTTP, messages, SOAP, wsf/php | 1 Comment

Authenticate using Username Token from PHP – 2 Minutes Introduction

Posted on September 23, 2008 by dimuthu

Username token is a simple token sent inside SOAP message header element with username and password information.Â It is used to authenticate SOAP messages in a standardized way. Sending Username Token To send username token with WSF/PHP you can use … Continue reading →

Posted in 2 minutes guide, security, Tutorial/Guide, web services, wsf/php, wso2 | Tagged 2 minutes, authentication, php, username token, wsf/php | 3 Comments

Tags
2 minutes adb axis2/c base64 binary bps carbon codegen DataService data services enterprise esb Governance guide install mashup mtom php policy registry release REST RESTful security services SOA SOAP Tools tutorial Web Service web services wordpress WS-* ws-security wsas WSClient WSDL wsdl2php wsdl generation wsdl mode wsf wsf/php wso2 xml xml schema
Archives
- July 2010 (1)
- June 2010 (1)
- May 2010 (3)
- February 2010 (1)
- January 2010 (6)
- December 2009 (1)
- November 2009 (1)
- October 2009 (2)
- August 2009 (1)
- July 2009 (3)
- June 2009 (2)
- April 2009 (1)
- March 2009 (3)
- February 2009 (4)
- January 2009 (5)
- December 2008 (12)
- November 2008 (20)
- October 2008 (21)
- September 2008 (21)
- August 2008 (9)
- July 2008 (7)
Calendar
May 2024

M T W T F S S

« Jul

1 2 3 4 5

6 7 8 9 10 11 12

13 14 15 16 17 18 19

20 21 22 23 24 25 26

27 28 29 30 31
Meta
Pages
- About
Recent Posts

May 2024
M	T	W	T	F	S	S
« Jul
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Category Archives: security

Tags

Archives

Calendar

Meta

Pages

Recent Posts