Design and Implementation of Web Services Access Control

To achieve secure access to Web services,using the shortcomings of Web services security mechanisms of transporting SOAP messages by SSL which is only considering point-to-point communication,can not be achieved end-to-end communications and can not encrypt the part of message,based on the analysis of WSS4J which is the open-source of WS-Security,design a schema of Web services access control based on SOAP message processing.Use the SOAP message processor to achieve the security of Web services messages,and use access control mechanisms to achieve the mandate of Web services,also propose the methods of extending the SOAP message on java platform and test this security model.This model implements the secure communication with SOAP message and prevents unauthorized access to related resources.