SOAP is simply an XML message format that can be used to pass data between systems. It's not within the scope of SOAP to implement security. That being said, it's quite easy to secure SOAP messages. You can encrypt the SOAP messages to ensure data integrity and data privacy. You can sign the messages with a digitial signature for authentication and proof of origin. You can require that one or both of the participants in a SOAP message exchange authenticate themselves. You can intercept a SOAP message before it's passed to an application to check for proper authorization. This documentation provides an overview of how you might implement security using SOAP: http://www.systinet.com/products/wasp_advanced/doc/security_overview.html
Dig Deeper on Topics Archive
Related Q&A from Anne Thomas Manes
Anne Thomas Manes explains the differences between open source clients and open source implementations. Continue Reading
Anne Thomas Manes discusses the best way to go about creating an enterprise data dictionary and why the systems works well. Continue Reading
Anne Thomas Manes explains the difference between 'hard' real time and 'live' real time systems. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.