Web Service Security Testing with Rational AppScan

How secure are you web service really?Are you web services more secure going through Datapower?Do you need answers for these and many more security question then Rational AppScan is the answer.

Topology for my test: EJB running on WAS -> Web Service (wsdl) Front Side Handler through Datapower.
Import wsdl file into Rational AppScan there Datapower is the Front side handler. Click on the Run button to start the Web Service Testing. AppScan tests the web service for different, random parameters.

After the scan completed a report was generated for the errors, information or warning for specific Web Service parameters and how to fix the errors in your Java code.

This is a great way to see how you can improve web service security where Datapower is the from side handler managing web service security.

Issue Information

Advisory – Application Error

Fix Recommendation

2 thoughts on “Web Service Security Testing with Rational AppScan

  1. The cool thing needed here are that Appscan provides a quick fix for datapower, so datapower can protect the service until the developer has time to fix the code:)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s