Simon Fell > Its just code
I just set-up a poll for required features for the pocketSOAP set of tools on the pocketSOAP mailing list. Join the list and vote.
Having more problems with .NET webservices. Perhaps the MS guys should get organized and ship one complete SOAP/WSDL toolkit, rather than 5 half baked ones [theres 2 in .NET, MSTK2.0, ATL and Biztalk]
I'm just having no luck at all with ASP.NET web services.
As I suspected WS-License and WS-Security allow for the passing of credentials, but doesn't define an authentication scheme, rather they assume you'll be using some existing authentication scheme, like kerberos or x509 certificates.
I found The Rules for Open-Source Programming to be both insightful and a joy to read. I especially like Ralph's more rules, and Sunir's corrolaries has given me much to think about. [Sam Ruby's Radio Weblog]
Grrrhhhh, I see the folks at msdn have had done their monthly random shuffling of pages, lots of 404s. Come on guys, its a joke how often you mess it up, get a grip !.
I'm looking at SOAP based authentication today, how to do authentication with no reliance on the transport used. So far i've looked at SOAP Extensions: Basic and Digest Authentication from Bob Cunnings and Rich Salz. Pretty easy to implement [I knocked up a pocketsoap / c# client for this in a couple of hours], and I like the fact that its safe from replay attacks.
I'll probably take another look at the MS GXA specs later, but i suspect for authentication they're going to be using Kerberos tickets packaged in WS-License headers, which will be fine, when Passport 3.0 ships with Kerberos support.
Know of any I've missed, then let me know.
Sam, thanks for the kind words