Problem solve Get help with specific problems with your technologies, process and projects.

Is my understanding of the Feature Component correct?

Apologies if this topic was discussed before, though I searched Google and didn't find any answers concerning my question.

AFAIK WSDL 1.1 didn't support the definition of any security features needed for consuming a service, i.e. if a service only accepted SOAP messages protected with WS-Security, one couldn't define this in the WSDL but had to find out on different ways.

WSDL 2.0 has a "Feature Component" ( https://www.w3.org/TR/2003/WD-wsdl20-20031110/#Feature) which could be used to declare that the service expects only SOAP Messages with WS-Security secured messages. Is my understanding of the Feature Component correct?

If yes, wouldn't this imply that it competes with WS-Policy? Or at least for the "low-level", "technical" policies be a substitute technology?
Unfortunately WSDL doesn't yet support security. There is a lot of work going on behind the scenes on the best way to declare security in WSDL. However, nothing has reached the level of a specification. Bottom line is that you could use the feature component to declare what your service expects, but this would not be generally interoperable. Part of the off-line discussion is the intersection of some of the ideas for WSDL based security with WS-Policy, which is also not yet a specification from a specification committee.

Dig Deeper on Topics Archive

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.