Chain of Responsibility Pattern The Chain of Responsibility pattern (refer to [CoR1] and [CoR2] for details) allows a handler object to handle the service request without coupling the sender of the service request to the recipient. By using the handler object, this pattern chains together the receiving objects and passes the service request along the chain of processes. The Chain of Responsibility pattern is generic to Java or .NET platforms and can be applied to security processing logic specific to Java EE .NET interoperability, assuming that the technical details need to be hashed out. Message Inspector Pattern The Message Inspector pattern (refer to [CSP] for details) introduces the concept of a message handler chain of security processing actions to pre-process and post-process SOAP messages. These actions can include verifying user identity, validating messages for compliance with Web services standards, validating digital signatures, encrypting and decrypting business data, and auditing and logging. This design strategy is specialized for Web services running on the Java platform and does not cover the details of Java EE .NET interoperability or related technologies. Secure Logger Pattern The Secure Logger pattern (refer to [CSP] for details) introduces some best practices to create secure logs for business transactions using message digest, cipher, signature, and UID generator classes. This pattern is targeted for Java applications developed for the Web tier and does not cover the details of Java EE .NET interoperability or related technologies.
|