6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Recommended ways to secure a webservice?\",\"text\":\"

Do you know what are the best practices in securing webservices ?

\\n\\n

What I need is some security added in the header of the soap message.\\n(ssl is not an option)

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"user812723\"},\"upvoteCount\":0,\"answerCount\":2,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

You can use XML-Encryption defined by W3C to make sure that your WS Messages stay confidential.\\nTheres also an XML-Signature Standard, also by W3C, which ensures Integrity.

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"gorootde\"},\"upvoteCount\":0}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","java",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/java/1","children":"java"}]}],["$","span","web-services",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/web-services/1","children":"web-services"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/332c82eae705d12c4afa501769c9836c?s=256&d=identicon&r=PG","alt":"user812723","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/812723/user812723","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"user812723"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",23]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Recommended ways to secure a webservice?"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

Do you know what are the best practices in securing webservices ?

\n\n

What I need is some security added in the header of the soap message.\n(ssl is not an option)

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",0]}],["$","p",null,{"children":["Views: ",87]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",2,")"]}],[["$","div","6685268",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/8a662b85e473c0c03c90a3a0ca42dff8?s=256&d=identicon&r=PG","alt":"Mike Samuel","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/20394/mike-samuel","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Mike Samuel"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",120516]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

Maybe you can add the

X-Magic-Security-Dust: true\n

header to your requests.

Seriously though, read Bruce Schneier and maybe repost with clarification.

\n
What's going to be different about the state of Internet and network security three years from now?
\n
I think we're finally past the era where people believe in magic security dust, that all they need to do is buy the right set of products and their network will be imbued with the property of "secure." Security is a process. It's a journey.
\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",1]}]}]]}],["$","div","6685263",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/3VAQv.jpg?s=256","alt":"gorootde","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/822052/gorootde","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"gorootde"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",4073]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

You can use XML-Encryption defined by W3C to make sure that your WS Messages stay confidential.\nTheres also an XML-Signature Standard, also by W3C, which ensures Integrity.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",0]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","7062769",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/7062769","className":"text-blue-600 hover:underline","children":"Webservice Security - what is enough?"}]}],["$","li","829375",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/829375","className":"text-blue-600 hover:underline","children":"How to secure a webservice in .net?"}]}],["$","li","2271875",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/2271875","className":"text-blue-600 hover:underline","children":"What is the best way to secure a webservice?"}]}],["$","li","6952416",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/6952416","className":"text-blue-600 hover:underline","children":"Secured authentication in web service"}]}],["$","li","5296324",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/5296324","className":"text-blue-600 hover:underline","children":"How can I build simple secure web service with Java?"}]}],["$","li","5145638",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/5145638","className":"text-blue-600 hover:underline","children":"Security with Web Services in Java"}]}],["$","li","4874507",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/4874507","className":"text-blue-600 hover:underline","children":"Secure Java Web Services"}]}],["$","li","2671306",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/2671306","className":"text-blue-600 hover:underline","children":"Security and authentication in web services"}]}],["$","li","2180003",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/2180003","className":"text-blue-600 hover:underline","children":"Webservice security - What is the best option?"}]}],["$","li","256899",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/256899","className":"text-blue-600 hover:underline","children":"How to go about web service security in Java"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Recommended ways to secure a webservice?

Answers (2)

Related Questions