Project Description

Set of WCF extensions in order to work with the different services of Belgium eHealth Platform. It includes a library, test cases for the various services and a demo application.

Supported eHealth Web Services

The following eHealth Web Services are supported by this library. It supports both the services that require SSO or MSO authentication.

Per authentication type

Most importantly, the eHealth services can be divided according to there authentication mechanism.

Open Services

Some services do not require authentication or authorization.

For more information, go to the documentation or see here.

MSO (Multi Sign On) Services

These are services where the client must authenticate directly to the service. The client must re-authenticate for every request and the service must also re-authorize every time. The service itself is responsible for defining how the authentication and authorization takes place.

For more information, go to the documentation or see here

SSO (Single Sign On) Services

These services do allow the client to be authencicated and also pre-authorized once for multiple calls to different services. For this the client receives a ticket of a special service after authenticating with this special service. The received ticket does not only indicate which person he is, but also what he is (e.g. nurse). The client will then use this ticket with the different services, which will grant access based on the roles in the ticket. Naturally the ticket is protected against tampering and against stealing.

For more information, go to the documentation or see here

Per publication type

Secondly you can also divide the eHealth services accordingly to there publication way.

Direct

Some services are directly visible on the internet. This means that each provider of the services is responsible for there own implementation. These services can still be SSO Services, but will in general be MSO Services. Because the provider of the services is responsible for all aspects (including security) of there service, there will be differences between the services.

This are the services of which the host names differ from "services.ehealth.fgov.be" (or services-acpt.ehealth.fgov.be). In general these services are out of scope for this project, except the ones of eHealth iself (hostname *.ehealth.fgov.be).

ESB

These services are behind and the ESB of eHealth. This means all clients connect to the eHealth ESB which will handle most of the security and then it will forward the request to the actual provider of the service. Although there are still some differences possible, there is a much higher level of standardization for this services.

This are the services of which the host names is"services.ehealth.fgov.be" (or services-acpt.ehealth.fgov.be). This is the main focus of this project.

List of supporte Services

See here

Support of eHealth PKCS12 file

The library also provides support for the eHealth provided PKCS12 file. This is the file "provided" by eHealth that contains you authentication and encryption certificate together with its private keys. Because eHealth decided to put both of the private keys in the same file, although this is withing the specs of PKCS12, it is very uncommon to do so and very few tools provide the means to deal with this.

Because .Net does not support PKCS12 files this project provides several ways of handling this. Detailed information can be found in the documentation

Last edited Jan 29, 2011 at 9:16 AM by egelke, version 12