|
The filter allows the Enterprise Gateway to generate XML Signatures
"as a service" according to the OASIS DSS (Digital Signature Services)
specification. The DSS specification describes how a client can send a
message containing an XML Signature to a DSS Signature Web Service
that can sign the (relevant parts of the) message and return the resulting
XML Signature to the client.
The advantage of this approach is that the Signature generation code is
abstracted away from the logic of the Web Service and does not have to
be coded into the Web Service. Furthermore, in an SOA (Services
Oriented Architecture), a centralized DSS server provides a single
implementation point for all XML Signature related services, which can
then be accessed by all Services running within the SOA. This represents
a much more manageable solution that one in which the security layer is
actually coded into each Web Service.
|