SOA-Security-Lab-(S90-20A).pdf - SOA S90-20A SOA Security...

This preview shows page 1 - 4 out of 7 pages.

S90-20A SOA SOA Security Lab
protocol. Before invoking Service A, Service Consumer A must request a ticket granting ticket and then it must request service granting tickets to all services in the service composition, including Services C and D. Messages sent by Service B to Services C and D must further be encrypted with the public key of Service Consumer A. Answer: A QUESTION: 28 Services A, B, and C reside in Service Inventory A and Services D, E, and F reside in Service Inventory B. Service B is an authentication broker that issues WS-Trust based SAML tokens to Services A and C upon receiving security credentials from Services A and C. Service E is an authentication broker that issues WS-Trust based SAML tokens to Services D and F upon receiving security credentials from Services D and E. Service B uses the Service Inventory A identify store to validate the security credentials of Services A and C. Service E uses the Service Inventory B identity store to validate the security credentials of Services D and F. It is decided to use Service E as the sole authentication broker for all services in Service Inventories A and B. Service B is kept as a secondary authentication broker for load 41
balancing purposes. Specifically, it is to be used for situations where authentication requests are expected to be extra time consuming in order to limit the performance burden on Service E. Even though Service B has all the necessary functionality to fulfill this new responsibility, only Service E can issue SAML tokens to other services. How can these architectures be modified to support these new requirements?

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture