Hi.
My goal is to achive security similiar to the HTTPS.
The data visible for the port sniffer must be ciphered.
Is this possible with WS-Security or WS-Security only enables mi to
secure
authorization and other stuff.
i will appreciate any answers.
AFAIK, WS-Security only treats encryption and signing of message content
(soap body). Some parts of the soap header will be in plain text - this allows
messages to be routed, stored, resent etc by untrusted intermediaries such
as proxies, or to be converted between transport protocols (e.g. from http
to msmq).
To get full encryption, you must also use a transport level mechanism such
as https.
Of course, the challenge with https is that it requires a direct realtime
connection between provider and consumer.
regards
PK