Web Services Enhancements

Last updated March 15, 2021

Web Services Enhancements (WSE) is an obsolete^[1] add-on to the Microsoft .NET Framework, which includes a set of classes that implement additional WS-* web service specifications chiefly in areas such as security, reliable messaging, and sending attachments.^[2] Web services are business logic components which provide functionality via the Internet using standard protocols such as HTTP. Web services communicate via either SOAP or REST messages. WSE provides extensions to the SOAP protocol and allows the definition of custom security, reliable messaging, policy, etc. Developers can add these capabilities at design time using code or at deployment time through the use of a policy file.

Versions

All versions install side-by-side.

WSE 1.0 for .NET Framework 1.0 was released in December 2002. It was based on the draft version of WS-Security. It is not supported anymore and is not compatible with .NET 2.0. It uses the older "XMLSOAP" namespace in contrast to the OASIS namespace used by WSS4J and WSE 2.0/3.0.
WSE 2.0 was released for Visual Studio .NET 2003 and the .NET Framework 1.1 in May 2004. It introduced major secure communication improvements (signing and encryption of user-defined SOAP headers, Kerberos Security Context Tokens, delegated trust etc.), a new lightweight messaging infrastructure, a new programming model, support for SOAP based messaging over TCP as an alternative to HTTP, a policy framework based on WS-Policy and WSDL, WS-Addressing, WS-Trust, WS-SecureConversation support.^[3] WSE 2.0 can be used from within standalone executables and Windows services i.e. outside IIS in addition to ASP.NET applications. It is also compatible with .NET 2.0, however it does not have design time support with Visual Studio 2005. It is not interoperable with WSE 3.0 and WCF.
WSE 3.0 was released in October 2005 and has design time support with Visual Studio 2005. It includes policy framework enhancements including security based on policy assertions (associating CLR client proxies with policy files), turnkey security scenarios for securing end to end messages, extensibility mechanisms for user-defined policies in code and a simplified policy model applied to a message exchange instead of on a per-message level. It supports updated web services specifications and a native 64-bit runtime. WS-SecureConversation sessions can be canceled explicitly and sessions are reliable and usable in web farm scenarios as Security Context Tokens can contain the original client authentication token when sent from the client to the service, which enable sessions to be re-established if lost, e.g. when a service's appdomain is reset. WSE 3.0 is wire-level interoperable over HTTP with Windows Communication Foundation (WCF) and supports the same version of the WS-* specifications as WCF (WS-Security 1.1, SOAP 1.2, MTOM).^[4]

WSE stopped receiving updates, as the latest version (WSE 3.0) was supported^[1] with the Lifecycle of .NET Framework 2.0 (whose support ended on July 12, 2011). WCF provides the equivalent functionality.

Related Research Articles

SOAP Messaging protocol for web services

SOAP is a messaging protocol specification for exchanging structured information in the implementation of web services in computer networks. Its purpose is to provide extensibility, neutrality, verbosity and independence. It uses XML Information Set for its message format, and relies on application layer protocols, most often Hypertext Transfer Protocol (HTTP), although some legacy systems communicate over Simple Mail Transfer Protocol (SMTP), for message negotiation and transmission.

An application server is a server that hosts applications.

Web Services Security is an extension to SOAP to apply security to Web services. It is a member of the Web service specifications and was published by OASIS.

The WS-I Basic Profile, a specification from the Web Services Interoperability industry consortium (WS-I), provides interoperability guidance for core Web Services specifications such as SOAP, WSDL, and UDDI. The profile uses Web Services Description Language (WSDL) to enable the description of services as sets of endpoints operating on messages.

WS-ReliableMessaging describes a protocol that allows SOAP messages to be reliably delivered between distributed applications in the presence of software component, system, or network failures.

Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95. Windows Server 2016 and Windows 10 also includes this component. In addition to its mainstream server platform support, MSMQ has been incorporated into Microsoft Embedded platforms since 1999 and the release of Windows CE 3.0.

The Global XML Web Services Architecture (GXA) was an announcement by Microsoft in 2002 of several proposals for extensions to SOAP. Some of the components of GXA were developed into standards in combination with other companies, including IBM. Others were specific to Microsoft and have been superseded. Microsoft released a reference implementation of a part of GXA as Web Services Enhancements 1.0 SP1 for Microsoft .NET (WSE).

The Windows Communication Foundation (WCF), previously known as Indigo, is a free and open-source runtime and a set of APIs in the .NET Framework for building connected, service-oriented applications.

Windows CardSpace is a discontinued identity selector app by Microsoft. It stores references to digital identities of the users, presenting them as visual information cards. CardSpace provides a consistent UI designed to help people to easily and securely use these identities in applications and web sites where they are accepted. Resistance to phishing attacks and adherence to Kim Cameron's "7 Laws of Identity" were goals in its design.

Web Services Interoperability Technology (WSIT) is an open-source project started by Sun Microsystems to develop the next-generation of Web service technologies. It provides interoperability between Java Web Services and Microsoft's Windows Communication Foundation (WCF).

OPC Unified Architecture is a machine to machine communication protocol for industrial automation developed by the OPC Foundation. Distinguishing characteristics are:

Apache Axis2 is a web service engine. It is a complete re-design and re-write of the widely used Apache Axis SOAP stack. Implementations of Axis2 are available in Java and C.

Apache CXF is an open-source, fully featured Web services framework. It originated as the combination of two open-source projects: Celtix developed by IONA Technologies and XFire developed by a team hosted at Codehaus. These two projects were combined by people working together at the Apache Software Foundation and the new name CXF was derived by combining "Celtix" and "XFire".

WS-Trust is a WS-* specification and OASIS standard that provides extensions to WS-Security, specifically dealing with the issuing, renewing, and validating of security tokens, as well as with ways to establish, assess the presence of, and broker trust relationships between participants in a secure message exchange.

WS-SecurityPolicy is a web services specification, created by IBM and 12 co-authors, that has become an OASIS standard as of version 1.2. It extends the fundamental security protocols specified by the WS-Security, WS-Trust and WS-SecureConversation by offering mechanisms to represent the capabilities and requirements of web services as policies. Security policy assertions are based on the WS-Policy framework.

WS-SecureConversation is a Web Services specification, created by IBM and others, that works in conjunction with WS-Security, WS-Trust and WS-Policy to allow the creation and sharing of security contexts. Extending the use cases of WS-Security, the purpose of WS-SecureConversation is to establish security contexts for multiple SOAP message exchanges, reducing the overhead of key establishment.

Security Support Provider Interface (SSPI) is a component of Windows API that performs a security-related operations such as authentication.

Security token service (STS) is a cross-platform open standard core component of the OASIS group's WS-Trust web services single sign-on infrastructure framework specification.^cf. Within that claims-based identity framework, a secure token service is responsible for issuing, validating, renewing and cancelling security tokens. The tokens issued by security token services can then be used to identify the holder of the token to services that adhere to the WS-Trust standard. Security token service provides the same functionality as OpenID, but unlike OpenID is not patent encumbered. Together with the rest of the WS-Trust standard, the security token service specification was initially developed by employees of IBM, Microsoft, Nortel and VeriSign.

gSOAP is a C and C++ software development toolkit for SOAP/XML web services and generic XML data bindings. Given a set of C/C++ type declarations, the compiler-based gSOAP tools generate serialization routines in source code for efficient XML serialization of the specified C and C++ data structures. Serialization takes zero-copy overhead.

References

1 2 "Web Service Enhancements (WSE) Supported Environments – Distributed Services Support Team". blogs.msdn.microsoft.com. Retrieved 2019-07-15.
↑ Overview of WSE
↑ The XML Files: What's new in WSE 2.0
↑ What's new in WSE 3.0

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[:0-1] 1 2 "Web Service Enhancements (WSE) Supported Environments – Distributed Services Support Team". blogs.msdn.microsoft.com. Retrieved 2019-07-15.

[2] Overview of WSE

[3] The XML Files: What's new in WSE 2.0

[4] What's new in WSE 3.0

[1]

[2]

[3]

[4]

v t e Microsoft APIs and frameworks
Graphics	Desktop Window Manager Direct2D Direct3D D3D (extensions) GDI / GDI+ WPF Silverlight WinRT XAML Windows Color System Windows Image Acquisition Windows Imaging Component DirectX Graphics Infrastructure (DXGI) Windows Advanced Rasterization Platform WinG
Audio	DirectMusic DirectSound DirectX plugin XACT Speech API XAudio2
Multimedia	DirectX Media Objects Video Acceleration Xinput DirectInput DirectShow Image Mastering API Managed DirectX Media Foundation XNA Windows Media Video for Windows
Web	MSHTML RSS Platform JScript VBScript BHO XDR SideBar Gadgets TypeScript
Data access	Data Access Components (MDAC) ADO ADO.NET ODBC OLE DB Extensible Storage Engine Entity Framework Sync Framework Jet Engine MSXML OPC
Networking	Winsock LSP Winsock Kernel Filtering Platform NDIS Windows Rally BITS P2P API MSMQ MS MPI DirectPlay
Communication	Messaging API Telephony API WCF
Administration and management	Win32 console Windows Script Host WMI (extensions) PowerShell Task Scheduler Offline Files Shadow Copy Windows Installer Error Reporting Event Log Common Log File System
Component model	COM COM+ ActiveX Distributed Component Object Model .NET Framework
Libraries	Framework Class Library Microsoft Foundation Classes (MFC) Active Template Library (ATL) Windows Template Library (WTL)
Device drivers	WDM WDF KMDF UMDF WDDM NDIS UAA BDA VxD
Security	Crypto API CAPICOM Windows CardSpace Data Protection API Security Support Provider Interface (SSPI)
.NET	ASP.NET ADO.NET Remoting Silverlight TPL WCF WCS WPF WF
Software factories	EFx Factory Enterprise Library Composite UI CCF CSF
IPC	MSRPC Dynamic Data Exchange (DDE) Remoting WCF
Accessibility	Active Accessibility UI Automation
Text and multilingual support	DirectWrite Text Services Framework Text Object Model Input method editor Language Interface Pack Multilingual User Interface Uniscribe

Web Services Enhancements

Contents

Versions

See also

Related Research Articles

References

External links