Method, hardware product, and computer program product for optimizing security in the context of credential transformation services

摘要

Security is optimized in the context of a credential transformation service (CTS) by utilizing a web services client runtime to gather information for determining whether or not a target web service is hosted in a security domain used by a client application and for determining whether or not the target web service uses an authentication mechanism substantially identical to that used by the client application. The gathered information is carried in an endpoint reference (EPR) of the target web service. In response to the client receiving the EPR, the client applies an optimization process to eliminate a possible unnecessary invocation of the CTS, wherein the target web service is an authoritative manageable resource having minimal or no responsibility for providing its identity, and having minimal or no responsibility for advertising any creation and destruction lifecycle related events.