Free Sample
+ Collection

Oracle Web Services Manager

Sitaraman Lakshminarayanan

Securing your Web Services
RRP $35.99
RRP $59.99
Print + eBook

Want this title & more?

$12.99 p/month

Subscribe to PacktLib

Enjoy full and instant access to over 2000 books and videos – you’ll find everything you need to stay ahead of the curve and make sure you can always get the job done.

Book Details

ISBN 139781847193834
Paperback236 pages

About This Book

  • Secure your web services using Oracle WSM
  • Authenticate, Authorize, Encrypt, and Decrypt messages
  • Create Custom Policy to address any new Security implementation
  • Deal with the issue of propagating identities across your web applications and web services
  • Detailed examples for various security use cases with step-by-step configurations

Who This Book Is For

This is the book for those who want to learn how to:

  • Secure web services
  • Use Oracle WSM to configure web services security

It is mainly for Developers and Architects who want to learn how to use Oracle WSM to address the security challenges of web services and those who want to learn how to use Oracle WSM to address their security needs.

If you have a basic knowledge of web services then this book will help you understand the need for security and how to use Oracle WSM to address the security challenges.

Table of Contents

Chapter 1: Introduction to Web Services Security
The Need for Web Services Security
Security Challenges in a Web Services Environment
The Need for Identity Propagation from Calling Application to Web Services
Why HTTPS Based Security Is Not Enough
Components of Web Services Security
Return on Investment
Chapter 2: Web Services Security—Architectural Overview
Overview of XML Security Standards
Overview of WS-Security Standards
Implementing WS-*Security in Applications
Centralized Management of WS-*Security
Introduction to Oracle Web Services Manager
Chapter 3: Architecture Overview of Oracle WSM
Oracle WSM Architecture
Oracle WSM Policy Manager
Oracle WSM Gateway
Chapter 4: Authentication and Authorization of Web Services Using Oracle WSM
Oracle WSM: Authentication and Authorization
Oracle WSM: Policy Template
Oracle WSM: Sample Application AD Authentication
Chapter 5: Encrypting and Decrypting Messages in Oracle WSM
Overview of Encryption and Decryption
Encryption and Decryption with Oracle WSM
Oracle WSM Sample Application Overview
Oracle WSM Encryption and Decryption Policy
Chapter 6: Digitally Signing and Verifying Messages in Web Services
Overview of Digital Signatures
Digital Signatures in Web Services
Signature Generation Using Oracle WSM
Signature Generation and Verification Example
Chapter 7: Oracle WSM Custom Policy Step
Overview of Oracle WSM Policy Steps
Implementing a Custom Policy Step
Custom Policy Step Example: Restrict Access Based on IP Address to the Specified Method
Chapter 8: Deployment Architecture
Oracle WSM Components
Chapter 9: Oracle WSM Runtime-Monitoring
Oracle WSM Operational Management
Oracle WSM Overall Statistics
Oracle WSM Security Statistics
Oracle WSM Service Statistics
Oracle WSM Custom Views
Oracle WSM Alarms
Chapter 10: XML Encryption
XML Encryption and Web Services
XML Encryption Schema
Chapter 11: XML Signature
XML Signature and Web Services
XML Signature Schema
Chapter 12: Sign and Encrypt
Overview of Sign and Encrypt
Signing and Encrypting Message
Sign and Encrypt by Example
Chapter 13: Enterprise Security — Web Services and SSO
Web Services Security Components
Authentication, Authorization and Credential Stores
Integrating with Web Access Management Solution

What You Will Learn

  • Secure web services
  • Use Oracle WSM to configure web services security
  • Deploy Oracle WSM into production
  • Leverage Oracle WSM to address the key security issues of confidentiality, integrity, authentication, and authorization
  • Create Custom Policy to address any new Security implementation
  • Encrypt and decrypt messages
  • Understand the basics of enterprise Security – Web Services, SSO, and Token Service

Chapter 1 gives an introduction to web services security – the need for it, what are the security options, and even a quick look at Return on Investment in web services security

Chapter 2 discusses the need for centralized management of web services, policy definition, and policy enforcement with a quick introduction to Oracle Web Services Manager.

In the first two chapters we discussed the need for web services security and in Chapter 3 we take a closer look at the architecture of Oracle Web Services Manager and how to address the web services security requirements.

In Chapter 4 we explore how Oracle WSM can be leveraged to authenticate and authorize web services requests.

In Chapter 5 we take a closer look at how we can leverage Oracle WSM to protect the confidentiality of messages.

In Chapter 6 we describe in detail how to digitally sign and verify messages in web services using Oracle Web Services Manager.

In Chapter 7 we will take a look at how to implement a custom policy step in Oracle Web Services Manager.

In Chapter 8 we discuss the various components of Oracle WSM and how they can be deployed to ensure high availability and scalability.

Chapter 9 discusses in detail how to manage the OWSM environment from an operational stand point i.e. how the monitoring works.

In web Services, encrypted XML is represented in an interoperable standard format such as XML Encryption; in Chapter 10 we take a closer look at the XML Encryption standard from W3C.

In Chapter 11 we take a closer look at XML Signature Specification from W3C. XML Signature is an interoperable industry standard that addresses how digitally signed messages are represented or described in an XML format and OWSM can digitally sign and verify web service messages.
In Chapter 12 we discuss the importance of digitally signing and encrypting the same message or data element and how to implement this using Oracle Web Services Manager.

In Chapter 13 we take a closer look at the Integrated Web Services Security Solution.

In Detail

Web services (WS) provide a simple, standardized way to connect applications over the Internet, however they require management of security and other run-time operations to work effectively. Oracle Web Services Manager is a software solution for managing the operations of web services and the interactions between these services.

This book explains the business reasons why web services security is required and gives an architectural overview of WS Security for an enterprise. It then provides details about the Oracle Web Service Manager product and how it can be leveraged to address the key security issues of Confidentiality, Integrity, Authentication, and Authorization. Whilst addressing these key issues, the book describes them fully with examples. It ends with a couple of unique features: one is the various options available for a successful deployment and the other is an explanation, in depth, of how the security components work.


Read More

Recommended for You

Web Host Manager Administration Guide
$ 12.00
Getting Started With Oracle SOA Suite 11g R1 – A Hands-On Tutorial
$ 35.99