1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
<!--
-
- This file is part of the OpenLink Software Virtuoso Open-Source (VOS)
- project.
-
- Copyright (C) 1998-2012 OpenLink Software
-
- This project is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by the
- Free Software Foundation; only version 2 of the License, dated June 1991.
-
- This program is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License along
- with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
-
-->
<?xml version="1.0" encoding="ISO-8859-1"?>
<refentry id="WS-S-2">
<refmeta>
<refentrytitle>WS Security</refentrytitle>
<refmiscinfo>tutorial</refmiscinfo>
</refmeta>
<refnamediv>
<refname>Symmetric Encryption</refname>
<refpurpose>Secure SOAP Client using Symmetric Encryption (3DES)</refpurpose>
</refnamediv>
<refsect1 id="WS-S-2a">
<title>Example</title>
<para>
This section describes how to make secure web services call, using a symmetric key encryption.
The algorithm used for these examples is tripple-des.
</para>
<itemizedlist mark="bullet">
<listitem>Both server and client have a shared secret, which is used to encryt and decrypt the SOAP message.</listitem>
<listitem>In practice the key is transfered by some secure way between client and server, as if it's captured the all traffic between server and client can be compromised.</listitem>
<listitem>Virtuoso keeps keys internally and can be instantiated with xenc_key_instance_create ().</listitem>
<listitem>In this example we are using a key 'WSDK Sample Symmetric Key', imported from WSDK.NET SymmetricEncryption example. This is to have the same key in all places: .NET server and client, Virtuoso server and client.</listitem>
<listitem>Another posibillity is to generate the key on Virtuoso side with xenc_key_3DES_rand_create() and export to the .NET client and server configuration. To export the 3DES key can be used xenc_key_serialize () function. </listitem>
</itemizedlist>
<para>
The Virtuoso VSP based clients demonstrate
</para>
<itemizedlist mark="bullet">
<listitem> accessing Virtuoso Web Service with Virtuoso client</listitem>
<listitem> accessing .NET Web service with Virtuoso client</listitem>
</itemizedlist>
<para>
To run .NET client against Virtuoso service you need:
</para>
<itemizedlist mark="bullet">
<listitem>This example works with MS WSDK; MS WSE 2.0 obsolete the data encryption directly a key data.</listitem>
<listitem>to change <virtuoso:port> to host and port where your virtuoso HTTP server is listening.</listitem>
<listitem>compile the example issuing nmake command in the tutorial/services/ws_s_2 directory.</listitem>
<listitem>if you going to compile the client on an other box, make sure that .config file is in the same directory where is .exe file.</listitem>
</itemizedlist>
</refsect1>
</refentry>
|
