Does WS-Security protocol require SSL for encrypting messages and for authenticating clients using certificates, or is WS-Security protocol independ开发者_如何学JAVAent of SSL and thus it doesn't use SSL to perform the encryption and certificate authentication?
thank you
SSL (and newer TLS) is apparently an alternative to WS-Security so I doubt it to be the case that ws-security requires SSL. http://en.wikipedia.org/wiki/WS-Security#Transport_Layer_Security_.28Without_WS-Security.29
You can encrypt and sign with WS-Security. That said SSL is a much more understood protocol with a very low overhead. SSL/TLS is not computationally expensive any more
So you should consider using SSL first and WS-Security if needed. WS-Security is an option if you use authentication based on security token formats, such as SAML, Kerberos, or X.509.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论