| |
Back to BOOK PAGE
Table of ContentsPreface
Chapter 1: Introduction to Web Services Security
Chapter 2: Web Services Security—Architectural Overview
Chapter 3: Architecture Overview of Oracle WSM
Chapter 4: Authentication and Authorization of Web Services Using Oracle WSM
Chapter 5: Encrypting and Decrypting Messages in Oracle WSM
Chapter 6: Digitally Signing and Verifying Messages in Web Services
Chapter 7: Oracle WSM Custom Policy Step
Chapter 8: Deployment Architecture
Chapter 9: Oracle WSM Runtime-Monitoring
Chapter 10: XML Encryption
Chapter 11: XML Signature
Chapter 12: Sign and Encrypt
Chapter 13: Enterprise Security—Web Services and SSO
Index
- Chapter 1: Introduction to Web Services Security
- The Need for Web Services Security
- Security Challenges in a Web Services Environment
- The Need for Identity Propagation from Calling Application to Web Services
- Why HTTPS Based Security Is Not Enough
- Components of Web Services Security
- Authentication
- Authorization
- Confidentiality
- Integrity
- Return on Investment
- Summary
- Chapter 2: Web Services Security—Architectural Overview
- Overview of XML Security Standards
- Closer Look at SOAP Messages
- Authentication
- Confidentiality
- Integrity
- Overview of WS-Security Standards
- Implementing WS-*Security in Applications
- Centralized Management of WS-*Security
- The Need for Centralizing WS-*Security Operations
- Benefits of Centralizing Web Services Security Operations
- Introduction to Oracle Web Services Manager
- Summary
- Chapter 3: Architecture Overview of Oracle WSM
- Oracle WSM Architecture
- Oracle WSM Policy Manager
- Overview of Oracle WSM Policy Manager
- Authentication
- Authorization
- Confidentiality
- Integrity and Non-Repudiation
- Policy Steps and Pipeline Templates
- Relationship Between Policy and Service
- Oracle WSM Gateway
- Proxy, or Exposing Internal Service to External Business Partner, or Outside of Intranet
- Transport Protocol Translation
- Content Routing
- Chapter 4: Authentication and Authorization of �Web Services Using Oracle WSM
- Oracle WSM: Authentication and Authorization
- Oracle WSM: File Authenticate and Authorize
- Oracle WSM: Active Directory Authenticate and Authorize
- Oracle WSM: Policy Template
- Oracle WSM: Sample Application AD Authentication
- Web Service Security Policy
- Registering The Web Service with Oracle WSM
- Creating The Security Policy
- Commit The Policy
- Oracle WSM Test Page as Client Application
- Microsoft .NET Client Application
- Chapter 5: Encrypting and Decrypting Messages in Oracle WSM
- Overview of Encryption and Decryption
- Symmetric Cryptography
- Asymmetric Cryptography
- Oracle WSM and Encryption
- Encryption and Decryption with Oracle WSM
- Encryption Algorithm
- Key Transport Algorithm
- Internal Working of the XML Encrypt Policy Step
- Oracle WSM Sample Application Overview
- Oracle WSM Encryption and Decryption Policy
- Creating the Security Policy
- Oracle WSM Test Page as Client Application
- Microsoft .NET Client Application
- Chapter 6: Digitally Signing and Verifying Messages in Web Services
- Overview of Digital Signatures
- Digital Signatures in Web Services
- Signature Generation Using Oracle WSM
- Sign Message Policy Step
- Internals of Sign Message Policy Step
- Reference Element
- SignedInfo Element
- Signature
- Signature Generation and Verification Example
- Registering Web Service with Oracle WSM
- Signature Verification by Oracle WSM
- Signature Generation by Oracle WSM
- Oracle WSM Test Page as Client Application
- Microsoft .NET Client Application
- Chapter 7: Oracle WSM Custom Policy Step
- Overview of Oracle WSM Policy Steps
- Implementing a Custom Policy Step
- Extending the AbstractStep Class
- Deploying the Custom Policy Step
- Step Template XML File Creation
- Custom Policy Step Example: Restrict Access Based on IP Address to the Specified Method
- Extending the AbstractStep
- Testing the Custom Policy Step
- Chapter 8: Deployment Architecture
- Oracle WSM Components
- Addressing Oracle WSM Scalability
- Addressing High Availability
- Installation
- Disabling Unnecessary Components
- Mapping Component ID on Host1 and Host2
- Configuring Oracle WSM Monitor on Host3
- Chapter 9: Oracle WSM Runtime-Monitoring
- Oracle WSM Operational Management
- Oracle WSM Overall Statistics
- Oracle WSM Security Statistics
- Oracle WSM Service Statistics
- Oracle WSM Custom Views
- Oracle WSM Alarms
- Summary
- Chapter 10: XML Encryption
- XML Encryption and Web Services
- XML Encryption Schema
- EncryptedData
- EncryptionMethodType
- EncryptionMethodType Schema
- CipherData Element
- EncryptedKey Element
- KeyInfo Element
- Chapter 11: XML Signature
- XML Signature and Web Services
- XML Signature Schema
- Signature Element
- SignedInfo Element
- Reference Element
- Transforms Element
- Chapter 12: Sign and Encrypt
- Overview of Sign and Encrypt
- Signing and Encrypting Message
- Sign and Encrypt by Example
- Example Overview
- Time Web Service: Decrypt and Verify Signature
- Beauty of Oracle WSM Gateway: Sign And Encrypt by Oracle WSM
- Service Provider:
- Service Consumer:
- Sign And Encrypt Policy
- Chapter 13: Enterprise Security—Web Services and SSO
- Web Services Security Components
- Authentication, Authorization and Credential Stores
- Integrating with Web Access Management Solution
- Security Token Service: Bridging the GAP between WAM and Oracle WSM
- Integrated Security Architecture
Back to BOOK PAGE
|
