Microsoft this week began offering a beta release of its Web Services Enhancements 3.0 pack for .Net, which is focused on security.
Microsoft in June had released Community Technology Preview (CTP) builds, which are less stable, pre-beta versions, of WSE 3.0. “This beta represents the evolution that takes into consideration the valuable customer feedback received so far, especially through the MSDN (Microsoft Developer Network) product feedback centre,” Microsoft said in a prepared statement on Friday afternoon.
“The core features remain unchanged from the CTP. However, this beta release brings improved diagnostics, the ability to generate ASP. Net proxies from Web services hosted over TCP, improved security, and the integration of the SoapHttpRouter with declarative policy files,” Microsoft said in its statement. “This beta release is another step in the product cycle to enable developers to see how the product is evolving and receive more feedback. WSE 3.0 will be released by the end of the year.”
WSE 3.0 is intended for developers using Visual Studio 2005, which ships this November, and .Net Framework 2.0.
WSE 3.0 has “significantly simplified common security exchange patterns,” according to an overview published on Microsoft’s online Download Center. Featured are “built-in standard ‘turnkey’ security scenarios to easily secure messages between a client and a service,” the overview states.
Through WSE, Web services can be signed and encrypted using X.509 certificates and binary and XML-based security tokens. Additionally, username/password credentials can be used for authentication.
WSE 3.0 also has aligned the declarative policy model with the imperative programming model so that policies are always used to apply security and other assertions to a SOAP message via policies files or in code. Policy files can be associated with a client proxy or a service via a policy attribute.
ASP.Net Web services hosted outside of Internet Information Services are supported in WSE 3.0. Large amounts of binary data can be sent securely via the SOAP Message Transmission Optimization (MTOM) specification.
Session management is improved through re-establishment of secure conversations that had been lost. This function enables secure conversations in Web farm scenarios.
WSE offers a foundation for building applications that are based on the WS-* (called WS-star) Web services specifications promoted by Microsoft, including WS-Security, WS-Trust, WS-SecureConversation, and WS-Addressing.