Skip to content

Home

Jump to bottom
Peter Böthig edited this page Nov 26, 2016 · 3 revisions

#For what?

SECURE YOUR API

WSSE = Webservice Security. is an extension to SOAP to apply security to Web services. It is a member of the Web service specifications and was published by OASIS.

The protocol specifies how integrity and confidentiality can be enforced on messages and allows the communication of various security token formats, such as Security Assertion Markup Language (SAML), Kerberos, and X.509. Its main focus is the use of Header Signature and Encryption to provide end-to-end security.

SRC: WIKIPEDIA.

This is a port of SOAP WSSE to REST based Webservices on top Symfony 3.1. The authentication makes the request more secure by encrypting credentials with configurable encrypters like sha512, AES 512. Default encryption is sha512

Each requests needs a X-WSSE header generated by this bundle. On the serverside there is a cli tool to generate this header for a specific user.

The Serviceapi contains a method /wsse/generate, wich u can use to generate accessheader for your different users. With this header you can consome your api.

Clone this wiki locally