[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [ebxml-dev] Authentication/Authorization with MSH?
Question has come up as to how best to implement/integrate authentication/authorization functions with ebXML MSH. The spec makes reference that authentication would be done by the communications protocol used. (TLS or IPSEC for example). However, what if you want to authenticate using some other technique that is independent of the comm protocol? Any suggestions as to how this should be implemented? Would you authenticate prior to MSH receiving the message (ie. transparent to MSH)? If the authentication was called from the MSH instead, then would you return a technical failure or a business failure condition if the authentication failed (the approach chosen would determine how acks/auth failures were handled....at the message or the biz transaction level). Regarding authorization.....there is mention that exchange of credentials could be accomplished using SAML (which implies that you could integrate with the Liberty initiative). But there are no details on how best to do this. Can anyone point me to some more detailed info, or offer some suggestions as to how best to incorporate authentication/authorization into MSH? Thanks! ...Andrzej Chaeron Corporation http://www.chaeron.com
Powered by eList eXpress LLC