Web Services Enhancements (WSE) is an add-on to the Microsoft .NET Framework which includes a set of classes that implement additional WS-* web service specifications chiefly in areas such as security, reliable messaging, and sending attachments. Web services are business logic components which provide functionality via the Internet using standard protocols such as HTTP. Web services communicate via either SOAP or REST messages. WSE provides extensions to the SOAP protocol and allows the definition of custom security, reliable messaging, policy, etc. Developers can add these capabilities at design time using code or at deployment time through the use of a policy file.
All versions install side-by-side.
- WSE 1.0 for .NET Framework 1.0 was released in December 2002. It was based on the draft version of WS-Security. It is not supported anymore and is not compatible with .NET 2.0. It uses the older "XMLSOAP" namespace in contrast to the OASIS namespace used by WSS4J and WSE 2.0/3.0.
- WSE 2.0 was released for Visual Studio .NET 2003 and the .NET Framework 1.1 in May 2004. It introduced major secure communication improvements (signing and encryption of user-defined SOAP headers, Kerberos Security Context Tokens, delegated trust etc.), a new lightweight messaging infrastructure, a new programming model, support for SOAP based messaging over TCP as an alternative to HTTP, a policy framework based on WS-Policy and WSDL, WS-Addressing, WS-Trust, WS-SecureConversation support. WSE 2.0 can be used from within standalone executables and Windows services i.e. outside IIS in addition to ASP.NET applications. It is also compatible with .NET 2.0, however it does not have design time support with Visual Studio 2005. It is not interoperable with WSE 3.0 and WCF.
- WSE 3.0 was released in October 2005 and has design time support with Visual Studio 2005. It includes policy framework enhancements including security based on policy assertions (associating CLR client proxies with policy files), turnkey security scenarios for securing end to end messages, extensibility mechanisms for user-defined policies in code and a simplified policy model applied to a message exchange instead of on a per-message level. It supports updated web services specifications and a native 64-bit runtime. WS-SecureConversation sessions can be canceled explicitly and sessions are reliable and usable in web farm scenarios as Security Context Tokens can contain the original client authentication token when sent from the client to the service, which enable sessions to be re-established if lost, e.g. when a service's appdomain is reset. WSE 3.0 is wire-level interoperable over HTTP with Windows Communication Foundation (WCF) and supports the same version of the WS-* specifications as WCF (WS-Security 1.1, SOAP 1.2, MTOM).
It seems that there is no update for WSE to work with VS2008. Instead, VS 2008 relies on WCF for the same functionality.