Web services tools offered by Microsoft are about to get a little safer to use.
The Redmond, Wash. software maker Tuesday issued a preview of the next
version of developer tools to give Visual Studio .NET developers support for
designing and building advanced Web services.
Web services
software companies large and small are seeking to build. They are made
available from a business’s Web server for Web users or other Web-connected
programs, and often allow applications to communicate with one another to
perform tasks.
Microsoft, along with IBM , Sun Microsystems
and BEA Systems
to name a few, are hedging
their bets on Web services technologies to catapult them into the next era
of computing. Microsoft would like to lure more developers to its .NET
platform to build these Web services on, while the other rivals rely on Java-based platforms and services.
Microsoft Web Services Enhancements (WSE) version 2.0 offers new security
features, which experts say are necessary to make such processes
work and make the authoring of secure Web services in enterprises and
trust domains easier.
WSE 2.0 provides a messaging-based object model that supports multiple
transports, including TCP and HTTP, and synchronous and asynchronous
communications. Synchronous messages are those in which the sender must wait
for a reply, while asynchronous messages may be submitted and retrieved any
time without a user having to wait for a reply.
Compared to WSE 1.0, which was released
last December, WSE 2.0 features improved routing and attachment capabilities
and adds a layer for building applications based on Microsoft co-authored Web services
specifications, including WS-Security, WS-Policy, WS-SecurityPolicy,
WS-Trust, WS-SecureConversation and WS-Addressing.
These specs have been enjoying
momentum in recent months. Within WSE 2.0, WS-Trust, WS-SecureConversation
build on WS-Security and define extensions to request and issue security
tokens and to manage relationships and secure conversations.
WS-Policy and WS-SecurityPolicy help developers author policies that operate
a runtime component. For example, the runtime can automatically sign and
encrypt a message based on the authored policy without the developer having
to write code. WS-Addressing provides users a message-based programming
model over TCP and HTTP, allowing them to explore alternative types of
SOAP-based applications such as ad hoc peer-to-peer applications.
“Developers are now able to apply a set of security policies to Web services
with minimal lines of code in a way that is interoperable across
heterogeneous systems,” said Rebecca Dias, product manager for advanced Web
services at Microsoft.
Microsoft counts media giant Reuters as one of the companies using WSE to
deliver financial information using Web services.
“WSE and the Microsoft .NET Framework address a critical need for our
customers by providing the necessary security infrastructure by leveraging
WSE’s implementation of WS-Security and WS-Policy capabilities,” said Bill
Evjen, technical director of development for Reuters. “This infrastructure
allows our customers to quickly and easily communicate with our financial
services customers in a secure and standardized manner.”
WSE 2.0 is available as a free download at the MSDN site.