开发者

What is the security advantage of STS in web services?

I've 开发者_如何转开发started reading up on security (particularly authentication) with web services and I see a lot of references to security token services.

From what I see, they take a username-password (or something) and, on validation, return a digital token. How is using this token any more secure then just relying on the username-password in the first place?


It's not necessarily "more secure".

It's just more convenient. Imagine you have more than one web service in your organisation. The client can use the optained token to prove his identity to all of those services.

I recommend reading this article for further information.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜