SOAP/HTTPS proxying
nevisProxy allows proxying of SOAP requests over HTTP(S). Additionally – in combination with nevisAuth – WSS (Web Services Security) is supported. For these specifications refer to Oasissee www.oasis-open.org, where you will find the following documents:
- Web Services Security: SOAP Message Security 1.0 (WS-Security 2004)
- Web Services Security UsernameToken Profile 1.0
- Web Services Security X.509 Token Profile
- Web Services Security SAML Token Profile
SOAP/WSS requests contain a UsernameToken or a X.509 Token that is embedded in a SOAP/WSS-Security header. After successful authentication, the call to the SOAP service behind the proxy is done with a modified SOAP message: The SOAP/WSS-Security header is substituted with a SAML assertion or a Nevis SecToken.