The filter allows the Enterprise Gateway to verify XML Signatures "as a service"
according to the OASIS DSS (Digital Signature Services) specification.
The DSS specification describes how a client can send a message
containing an XML Signature to a DSS Signature verification Web Service
that can verify the Signature and return the result of the verification
to the client.
The advantage of this approach is that the Signature verification code is
abstracted away from the logic of the Web Service and does not have to
be coded into the Web Service. Furthermore, in an SOA (Services
Oriented Architecture), a centralized DSS server provides a single
implementation point for all XML Signature related services, which can
then be accessed by all Services running within the SOA. This represents
a much more manageable solution that one in which the security layer is
actually coded into each Web Service.
|