SOAP and HTTPS proxying

nevisProxy allows proxying of SOAP requests over HTTP(S). Additionally – in combination with nevisAuth – WSS (Web Services Security) is supported. For these specifications refer to Oasissee www.oasis-open.org, where you will find the following documents:

1. Web Services Security: SOAP Message Security 1.0 (WS-Security 2004)
2. Web Services Security UsernameToken Profile 1.0
3. Web Services Security X.509 Token Profile
4. Web Services Security SAML Token Profile

SOAP/WSS requests contain a UsernameToken or a X.509 Token that is embedded in a SOAP/WSS-Security header. After successful authentication, the call to the SOAP service behind the proxy is done with a modified SOAP message: The SOAP/WSS-Security header is substituted with a SAML assertion or a Nevis SecToken.