Introduction
Document Audience
Related Information
Understanding AquaLogic Service Bus Security
Inbound Security
Outbound Security
Options for Identity Propagation
Example: Authentication with a User Name Token
Administrative Security
Access Control Policies
Configuring Proxy Service Access Control
Access Control Policy Management
Deleting the Access Control Policy Assigned to a Proxy Service
Moving or Renaming a Proxy Service
Renaming a Proxy Service Operation
Preserving Security Configuration During Import
Preserve Security and Policy Configuration Check Box
Preserve Credentials Check Box
Preserve Access Control Check Box
Configuring the WebLogic Security Framework: Main Steps
Context Properties Are Passed to Security Providers
Context Properties for HTTP Transport-Level Authentication
ContextHandler Properties for Access Control and Message-Level Custom Authentication
Additional Transport-Specific Context Properties
Administrator-Supplied Context Properties for Message-Level Authentication
Security Provider Must Have Knowledge of the Property Name
WebLogic Server Administrative Channel is Supported
Using the Administrative Channel: Main Steps
Supported Standards and Security Providers
Support for WebLogic Security Providers
Configuring Authentication Providers
Using a Custom Authorization Provider to Protect AquaLogic Service Bus Resources
WebLogic Authorization Provider Usage Information
ALSBProxyServiceResource Object
ALSBProxyServiceResource Examples
AquaLogic Service Bus Security FAQ
Configuring Transport-Level Security
Configuring Transport-Level Security for HTTPS
HTTPS Authentication Levels
Configuring Inbound HTTPS Security: Main Steps
Configuring Outbound HTTPS Security: Main Steps
Configuring Transport-Level Security for HTTP
Configuring Inbound HTTP Security: Main Steps
Configuring Outbound HTTP Security: Main Steps
Configuring Transport-Level Security for JMS
Configuring Inbound JMS Transport-Level Security: Main Steps
Configuring Outbound JMS Transport-Level Security: Main Steps
Configuring Transport-Level Security for SFTP Transport
How Two-Way Authentication is Performed
Use of the known_hosts File
SFTP Transport Authentication Process
Configuring Inbound SFTP Transport-Level Security: Main Steps
Configuring Outbound SFTP Transport-Level Security: Main Steps
SFTP Security Attributes Preserved During Import
SFTP Credential Lifecycle
Email, FTP, and File Transport-Level Security
Email and FTP Transport-Level Security
File Transport Security
Configuring Transport-Level Security for SB Transport
Configuring SAML Authentication With Service Bus (SB) Transport
Configuring Transport-Level Security for WS Transport
Reliable Web Services Messaging Defined
WS Transport Resources Visible in WLS Console
Use of WS-Policy Files for Web Service Reliable Messaging Configuration
Preconfigured WS-RM Policy Files
RM WS-Policy Required Prior to Activation
Async Responses
Proxy Service Authentication
Preserving Security Configuration on Import
Configuring Inbound and Outbound WS Transport-Level Security
Configuring Transport-Level Security for WebSphere Message Queue Transport
Configuring Inbound MQ Transport-Level Security: Main Steps
Configuring Outbound MQ Transport-Level Security: Main Steps
Transport-Level Security Elements in the Message Context
Configuring Custom Authentication
What Are Custom Authentication Tokens?
Custom Authentication Token Use and Deployment
Understanding Transport-Level Custom Authentication
Importing and Exporting and Transport-Level Custom Token Authentication
Understanding Message-Level Custom Authentication
Format of XPath Expressions
Configuring Identity Assertion Providers for Custom Tokens
Object Type of Custom Tokens
Configuring a Custom Token Type in an Identity Assertion Provider
Steps for Configuring a Custom Token Type in an Identity Assertion Provider
Setting the Supported and Active Types in the MBean
Configuring Custom Authentication Transport-Level Security
Steps for Configuring Custom Authentication Transport-Level Security
Configuring Custom Authentication Message-Level Security
Steps for Configuring Custom Authentication Message-Level Security
Propagating the Identity Obtained From Custom Authentication Tokens
Combining WS-Security with Custom Username/Password and Tokens
Using WS-Policy in ALSB Proxy and Business Services
About Web Services Policy
Relationship Between WS-Security and WS-Policy
Supported Web Services Security Policy Assertions
WS-Policies Can be Bound Directly to Service
Abstract and Concrete WS-Policy Statements
AquaLogic Service Bus WS-Policy Files
Predefined WS-Security Policy 1.2 Policy Files
Predefined BEA Proprietary Policy Files
Predefined Reliable Messaging Policy Files
When to use the Predefined Policy Files
Creating and Using Custom WS-Policy Statements
Custom WS-SecurityPolicy 1.2 Policy Statements
Attaching WS-Policy Statements to WSDL Documents
Determining the URI of a WS-Policy Statement
Specifying the URI of a WS-Policy Statement in a WSDL Document
Best Practices: Attaching WS-Policy Statements
Example: Requiring X.509 Credentials for Identity and Confidentiality
Example: Attaching Custom Inline WS-Policy Statements to a WSDL Document
BEA-Proprietary Security Policy Best Practices
Policy Subjects and Effective Policy
Configuring Message-Level Security for Web Services
About Message-Level Security
Sample Sequence of Actions in Message-Level Security
Message-Level Access Control Policies for Proxy Services
Configuring Proxy Service Message-Level Security
Creating an Active Intermediary Proxy Service: Main Steps
Creating a Pass-Through Proxy Service: Main Steps
Configuring Business Service Message-Level Security: Main Steps
Examples of Custom WS-Policy Statements
Example: Encrypting Part of the SOAP Body and Header
Example: Encryption Policy for a Business Service
Example: Encrypting a Custom SOAP Header
Example: Signing the Message Body and Headers
Example: Signing a SOAP Body with SAML Holder-of-Key
Example: Authenticating, Signing, and Encrypting a SOAP Body and Headers with SAML Sender Vouches
Disabling Business Service Message-Level Security
Using SAML for Authentication
Configuring SAML Credential Mapping: Main Steps
Configuring SAML Pass-Through Identity Propagation
Authenticating SAML Tokens in Proxy Service Requests
Configuring SAML Authentication with Service Bus (SB) Transport
Troubleshooting SAML Web Services Security
Configuring Administrative Security
Administrative Security Roles and Privileges
Role-Based Access in AquaLogic Service Bus Console
Administrative Security Groups
Configuring Administrative Security: Main Steps
Securing AquaLogic Service Bus in a Production Environment
Undeploying the Service Bus (SB) Resource
Protection of Temporary Files With Streaming Body Content