Back to Security Pattern Catalog

Message Interceptor Gateway

Classification Key : Perimeter Security, Tampering


XML based external attacks from unauthorized entities have to be prevented by data sanitization on the application layer. XML message based attacks like buffer overflows, malicious data injection, and virus attachments. XML traffic also has to go through monitoring, logging and recording of audit trails. In order to do that, XML traffic has to be intercepted, examined and applied the transformations incurred by the security policies. The content-level processing operations include authentication, authorization, auditing, encryption/decryption, signature validation, compression/decompression, and transformation, routing and management functions. How can all these operations be done on XML at the entry point?


Use a proxy infrastructure providing a centralized entry point that encapsulates access to all target service endpoints of a Web services provider. It acts as a controller that aggregates access and enforces security mechanisms on the XML traffic by making use of identity and access management infrastructure. Secure incoming and outgoing XML traffic by securing the communication channels between the service endpoints.

Known Uses

Application level XML validation of data in HTTP/SSL connection.

Related Patterns

Secure Message Router, Single Access Point


Sun Book


XML, Application Layer, Interceptor


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz