PacktLib: Oracle Web Services Manager

Oracle Web Services Manager


About the Author

About the Reviewers


Introduction to Web Services Security

The Need for Web Services Security

Security Challenges in a Web Services Environment

The Need for Identity Propagation from Calling Application to Web Services

Why HTTPS Based Security Is Not Enough

Components of Web Services Security

Return on Investment


Web Services Security—Architectural Overview

Overview of XML Security Standards

Overview of WS-Security Standards

Implementing WS-*Security in Applications

Centralized Management of WS-*Security

Introduction to Oracle Web Services Manager


Architecture Overview of Oracle WSM

Oracle WSM Architecture

Oracle WSM Policy Manager

Oracle WSM Gateway


Authentication and Authorization of Web Services Using Oracle WSM

Oracle WSM: Authentication and Authorization

Oracle WSM: Policy Template

Oracle WSM: Sample Application AD Authentication


Encrypting and Decrypting Messages in Oracle WSM

Overview of Encryption and Decryption

Encryption and Decryption with Oracle WSM

Oracle WSM Sample Application Overview

Oracle WSM Encryption and Decryption Policy


Digitally Signing and Verifying Messages in Web Services

Overview of Digital Signatures

Digital Signatures in Web Services

Signature Generation Using Oracle WSM

Signature Generation and Verification Example


Oracle WSM Custom Policy Step

Overview of Oracle WSM Policy Steps

Implementing a Custom Policy Step

Custom Policy Step Example: Restrict Access Based on IP Address to the Specified Method


Deployment Architecture

Oracle WSM Components


Oracle WSM Runtime-Monitoring

Oracle WSM Operational Management

Oracle WSM Overall Statistics

Oracle WSM Security Statistics

Oracle WSM Service Statistics

Oracle WSM Custom Views

Oracle WSM Alarms


XML Encryption

XML Encryption and Web Services

XML Encryption Schema


XML Signature

XML Signature and Web Services

XML Signature Schema


Sign and Encrypt

Overview of Sign and Encrypt

Signing and Encrypting Message

Sign and Encrypt by Example


Enterprise Security — Web Services and SSO

Web Services Security Components

Authentication, Authorization and Credential Stores

Integrating with Web Access Management Solution