Contents
The Sign Web Service filter enables the API Gateway to generate XML signatures as a service according to the OASIS Digital Signature Services (DSS) specification. The DSS specification describes how a client can send a message containing an XML signature to a DSS signature web service that can sign the relevant parts of the message, and return the resulting XML signature to the client.
The advantage of this approach is that the signature generation code is abstracted from the logic of the web service and does not have to be coded into the web service. Furthermore, in a Services Oriented Architecture (SOA), a centralized DSS server provides a single implementation point for all XML signature related services, which can then be accessed by all services running in the SOA. This represents a much more manageable solution that one in which the security layer is coded into each Web service.
