GT 4.2.1: Java WS Authentication & Authorization


The Web Services portion of GT 4.2.1 uses SOAP over HTTP for communicating messages. WS Authentication & Authorization in Java (Java WS A&A) implements the WS-Security standard and the WS-SecureConversation specification to provide message protection for SOAP messages. Features include:

  • authentication of the sender
  • encryption of the message
  • integrity protection of the message
  • replay attack protection

Java WS A&A provides a secure channel by using HTTP over SSL/TLS (HTTPS) for transporting the messages. This security mechanism supports all of the security features provided by SSL/TLS with the addition of support for X.509 Proxy Certificates. The Authorization Framework component of Java WS A&A provides the infrastructure to process attributes and protect resource access based on access policy. It allows for authorization policy to be configured and enforced at various levels of granularity (container, service or resource). It also provides client-side authorization to allow clients to authorize the services they access. The framework is pluggable and can be configured to use custom mechanisms for attribute collection and policy evaluation. It also provides multiple authorization module implementations; for example, support for gridmap-based authorization, a callout module that uses the SAML protocol to query a external service for an authorization decision and such.

The following guides are available for this component:
The Globus Toolkit 4 Programmer's Tutorial Useful tutorial about programming with Web Services in GT4.
Security Key Concepts For important general concepts. [pdf]
Admin Guide For system administrators and those installing, building and deploying GT. You should already have read the Installation Guide and Quickstart. [pdf]
Java WS A&A Security Descriptors Reference on the basic configuration mechanism for Java WS A&A. [pdf]
User's Guide This component is a framework and does not typically have end-users; however, this guide includes some helpful configuring and troubleshooting information for end-users. Be sure to also read the GT User Guide for important general information for end-users. [pdf]
Developer's Guide Reference and usage scenarios for developers. [pdf]
Java WS A&A Errors List of errors you may encounter with this component with possible solutions.
PDP Reference Reference of available Policy Decision Points (PDPs). [pdf]
PIP Reference Reference of available Policy Information Points (PIPs). [pdf]
Other information available for this component are:
Release Notes What's new with the 4.2.1 release for this component. [pdf]
Public Interface Guide Information for all public interfaces (including APIs, commands, WSDL, etc). Please note this is a subset of information in the Developer's Guide. [pdf]
Quality Profile Information about test coverage reports, etc. [pdf]
Migrating Guide Information for migrating to this version if you were using a previous version of GT. [pdf]
All Java WS A&A Guides (PDF only)Includes all Java WS A&A guides except Public Interfaces (which is a subset of the Developer's Guide)