Tuesday, July 14, 2009

SOA Perspective on Authorization

I'm blogging in two places, and some times I'm not sure which makes the most sense. Thanks to modern search technology, maybe it doesn't matter :)

I just finished a post on Authorization Pre-Caching. To avoid accusations of a "Remember When" cheesy sitcom, re-tread post, I'll add some more color on this use case in the broader context of SOA, and specifically OSB.

If you want to have a centralized authorization solution and it needs to be very very fast, SOAP is not a good choice. In my experience you're adding 10s of ms latency compared to a binary protocol like RMI. For general purpose services this may not matter, but for fast authorization/entitlement services this is a non starter. If you have to have a very fast binary protocol, consider building a custom transport.

This enables the very fast compact protocol that is required to meet extreme performance requirements, but instead of a proprietary or light-weight contained, it can be serviced by an enterprise class container that provides routing, SLA, reporting (insert OSB marketing here)

If said modern search technology brought you here, and you found a post on exposing security functionality with SOA, but you really wanted "How to Secure my SOA", try here - from last year's OOW

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.