A comprehensive solution, however, cannot ignore that many
transactions are driven through the use of a web browser. A web
browser cannot apply cryptography to messages in the same
way as a web service can. Hence, this situation must be accommodated
by opportunely devising message exchanges protected
by transport security. WS-Federation devotes a comprehensive
portion of its text for addressing the web browser case, which is
referred to as the passive requestor case.
WS-Federation is a speci?¬?cation of key importance. The explanation
we gave here does not even begin to scratch its surface. It
is advisable to everybody interested in enterprise identity management
to become intimately familiar with this speci?¬?cation.
156 Hints Toward a Solution
The Identity Metasystem and the practices it enables are often
de?¬?ned as ???user-centered federation.??? Whereas WS-Federation
relies on automatic sequences driven by metadata and by intercompany
partnerships, the Identity Metasystem can leverage the
newfound user control for driving decisions with much looser
relationships between entities. The two models are complementary,
and they have ample areas of collaboration and synergy.
Pages:
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268