Skip to end of metadata
Go to start of metadata

You basically need to pass a Security Token with each service invocation. On pre-invocation you do the normal access control, of post-invocation you need to filter the data-values (i.e. remove sensitive data if the security token does not have the right access. This is necessary, since we no longer have any single point of control, or trying to establish a single point of control will break the agility and time-to-marked values of your SOA.


Relationship to other SOA strategies

Add entry

The Laws of SOA

Add entry

Service Manifest

Add entry

Design-Time Governance - SOA Design Rules

Add entry

  • [Question still to be asked..]

NB! Feel free to add any question you might have here

Labels:
None
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.