Skip to content

Archives

SOAP and firewalls

Taking a look at the referrers, I came across Mark O’Neill’s weblog, which lists taint.org on the blogroll; Mark’s the CTO of Vordel. They have a product called VordelSecure, which seems to be a SOAP firewall proxy, in the same way the Wonderwall product I wrote for Iona was a proxy for CORBA:

When a firewall examines a SOAP request received over HTTP, it might conclude that this is valid HTTP traffic and let it pass. Firewalls tend to be all-or-nothing when it comes to SOAP. A SOAP-level firewall should be capable of:
  1. Identifying if the incoming SOAP request is targeted at a Web service which is intended to be available

  2. Identifying if the content of the SOAP message is valid. This is analogous to what happens at the Network Layer, where IP packet contents are examined. However, at the Application Layer it requires data that the Web service expects.

Cool!

I hear Wonderwall is still around, but rewritten from the ground up. Sorry about that to whoever had to rewrite it ;)