SOA Security Testing - XML Gateways
SOA/XML Gateways are a secure bridge that integrate enterprises with their trading partners while ensuring that the information flow upholds the tenants of information assurance: privacy (encryption), integrity (signatures and schemas) and traceability (audit and archive). SOA Testing XML Gateways requires significant functional depth across security attributes (SSL, WS-Encryption, WS-Signatures), identity facets (SAML, WS-UserName, WS-X.509, WS-Kerberos), structural tests (Schema and Schematron) as well as message exchange patterns based on XML, SOAP, and REST.
Forum Sentry is one such XML Gateway with significant differentiating emphasis on security. Jason Macy, VP Engineer and CTO at Forum Systems recently recorded an informative webcast highlighting the security for XML Gateways. Once such Gateways are deployed, using comprehensive SOA Testing products such as SOAPSonar is essential to ensure that the gateway is operating as expected.