Patent attributes
In one set of embodiments, methods, systems, and apparatus are provided to enable secure local invocation of a web service in response to receiving a request from a first composite application to invoke a web service operation of a second composite application, where the first application is associated with a reference policy, and the second application is associated with a service policy, then determining, based upon the service policy and the reference policy, whether local invocation is secure, and invoking the operation using the local invocation in response to determining that the local invocation is secure. Attributes associated with the reference and service policies can indicate whether those policies can be used in a local invocation, or if user authentication is needed before performing the invocation with those policies. The local invocation may comprise a procedure call in an application server from the first application to the second application.
