SOA-aware Authorization Control

Emig, Christian; Schandua, Heiko; Abeck, Sebastian

The question of how to handle authorization of digital identities in a service-oriented architecture (SOA) remains an open issue. In this paper we present a design pattern for the integration of legacy systems with SOA using out-of-the-box (unmodified) application servers and discuss how the architecture has to be extended by an Identity Management (IdM) infrastructure. We claim that the IdM infrastructure itself must be designed in a service-oriented way to fit into the overall SOA approach. We introduce a way to decouple the policy enforcement point from the application server and propose an architectural design pattern to seamlessly integrate the SOA’s business-related functionality and the IdM infrastructure. An implementation case study illustrates how to apply the invocation pattern for secured web services.

DOI: 10.5445/IR/1000008038
Affiliated institution(s) at KIT: Institut für Telematik (TM)
Publication type: Proceedings contribution
Year: 2006
Language: English
Identifier: ISBN: 0-7695-2703-5
KITopen-ID: 1000008038
Published in: International Conference on Software Engineering Advances (ICSEA 2006)