Matt Powell’s MSDN article on Programming with WSE2. I know – it’s been around since July…six plus months, but hey, I’m an “early-ish” adopter, not an instant adopter. Also of course the reference docs. Here’s a list of MSDN articles.
Having delved into WSE1 makes this all seem so sensible. Like Policy configuration files. Neat. Rather than writing all of that glob in the webservice code and in my client side code, I create a config file (that can be used over and over and over again if I like) that defines what the requirements are before a message can be processed and their are policies for sending and receiving. So this goes way beyond just encrypting a message and tightens down your processes like crazy. Here are some of the things that you can test for before you even decide to BOTHER with the message. You can demand that it be signed with a particular type of digital signature. You can say that you will only look at messages that are *fully* encrypted rather than messages that only have certain portions encrypted. Thihgs like that. So you could conceivably create a policy that will apply to all web services used in all of your applications. Makes sense.You may already have those policies on paper, but then have to implement them in gobs of code. Now you can take those paper policies and write them into a policy configuration file.
Now I still have to work out how all of the rest of the stuff happens. And I am cross-eyed and Rich is getting ready to go ski in the woods and I am NOT missing out on that happy and hard-earned event.
Sign up for my newsletter so you don't miss my conference & Pluralsight course announcements!