Back to Security Pattern Catalog




Secure Service Proxy


Classification Key : Core Security

Problem

Adaptation of existing systems to newer security protocols is a standard practice in software maintenance. In case of SOA, you want to expose your existing system as services that interact with other services, but their security protocols do not match. How can you efficiently integrate with existing security protocol without going back to rewriting the entire system?

Solution

Provide security service as a wrapper. Intercept all the requests from clients, identify the requested service, enforce the security policy as required by the service, optionally transform the request for the inbound protocol to that expected by the service, and finally forward the request to the appropriate destination service. On the return path, transform the results according to outbound requirements. Externalize the addition of security logic to existing applications.

Known Uses

Pluggable PGP module.

Related Patterns

Intercepting Web Agent, Secure Message Router

Source

Sun Book

Tags

Maintenance, Proxy


 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz