1/31
Contents
Title and Copyright Information
Preface
About this Guide
Audience
How to Use This Guide
Documentation Accessibility
Related Documents
Conventions
What's New
Part I Introduction
1
Overview of Web Services Security and Administration
Web Services Security and Administration in Oracle Fusion Middleware 11
g
Web Service Security and Administration Tasks
Securing and Administering SOA, ADF, and WebCenter Services
Securing and Administering WebLogic Web Services
Accessing the Security and Administration Tools
Accessing Oracle Enterprise Manager Fusion Middleware Control
Accessing Oracle WebLogic Administration Console
2
Understanding Web Services Security Concepts
Securing Web Services
Transport-level Security
Application-level Security
Web Service Security Requirements
How Oracle Fusion Middleware Secures Web Services and Clients
3
Understanding Oracle WSM Policy Framework
Overview of Oracle WSM Policy Framework
What Are Policies?
Building Policies Using Policy Assertions
Attaching Policies to Subjects
How Policies are Executed
Oracle WSM Predefined Policies and Assertion Templates
Overriding Client Security Policy Configuration
Recommended Naming Conventions for Policies
4
Examining the Rearchitecture of Oracle WSM in Oracle Fusion Middleware
How Oracle WSM 10
g
is Redesigned in Oracle Fusion Middleware 11
g
Release 1 (11.1.1)
Comparing Oracle WSM 10
g
and Oracle WSM 11
g
Policies
Comparing Oracle Application Server 10g WS-Security with Oracle WSM 11
g
Interoperability and Upgrade
Part II Basic Administration
5
Deploying Web Services Applications
Overview
Additional Deployment Documentation Available
Deploying Web Services Applications
Undeploying a Web Services Application
Redeploying a Web Services Application
6
Administering Web Services
Viewing All Current Web Services for a Server
Navigating to the Web Services Summary Page for an Application
Viewing the Web Services in Your Application
Viewing the Details for a Web Service Port
Viewing the Security Violations for a Web Service
Navigating to the Web Services Policies Page
Configuring the Web Service Port
Enabling or Disabling a Web Service
Displaying the Web Service WSDL Document
Setting the Size of the Request Message
Enabling and Disabling MTOM
Enabling and Disabling Web Service Styles
7
Managing Web Service Policies
Overview of Web Services Policy Management
Navigating to the Web Services Policies Page
Viewing a Web Service Policy
Searching for Web Service Policies
Creating Web Service Policies
Creating a New Web Service Policy
Creating a Web Service Policy from an Existing Policy
Importing Web Service Policies
Creating Custom Policies
Working With Assertions
Naming Conventions for Assertion Templates
Viewing an Assertion Template
Adding Assertions to a Policy
Configuring Assertions
Validating Web Services Policies
Validating a Policy
Editing Web Service Policies
Versioning Web Service Policies
Viewing the Version History of Web Services Policies
About the Restore and Activate Policy Options
Creating a New Version of a Web Service Policy
Restoring an Earlier Version of a Web Service Policy
Deleting Versions of a Web Service Policy
Exporting Web Service Policies
Deleting Web Service Policies
Deleting a Web Service Policy
Generating Client Policies
Generating a Web Service Client Policy
Disabling a Policy for a Single Policy Subject
Disabling a Web Service Policy for All Subjects
Analyzing Policy Usage
Steps to Analyze Policy Usage
8
Attaching Policies to Web Services
Viewing the Policies That are Attached to a Web Service
Attaching a Policy to a Single Subject
Attaching a Policy to a Web Service
Attaching a Policy to Multiple Subjects (Bulk Attachment)
Validating Policy Subjects
Attaching Policies to Web Service Clients
Attaching Client Policies Permitting Overrides
Clearing a Configuration Property
9
Configuring Policies
Determining Which Security Policies to Use
Protecting Messages
Message Protection Basics
Security SwA Attachments
Which Policies Offer Message Protection?
Configuring Keystores for SSL
Which Policies Require You to Configure SSL?
Which Policies Require You to Configure Two-Way SSL?
How to Configure a Keystore on WebLogic Server
Configuring SSL on WebLogic Server (One-Way)
Configuring SSL on WebLogic Server (Two-Way)
Configuring SSL for a Web Service Client
Configuring Two-Way SSL for a Web Service Client
Setting up the Keystore for Message Protection
Setting Up the Web Service Client Keystore at Design Time
How to Obtain a Trusted Certificate
How to Create and Use a Java Keystore
How to Create Private Keys and Load Trusted Certificates
Configuring the Credential Store Provider
Configuring an Authentication Provider in WebLogic Server
What Type of WebLogic Security Authentication Providers Must You Create?
Using the OAM Authentication and Identity Assertion Providers
OAM Authentication Provider Use Case
Identity Assertion Use Case
Configuring the SAML and Kerberos Login Modules
Configuring SAML
How the SAML Token is Validated
Which Authentication Provider is Used?
How to Configure SAML Web Service Client at Design Time
Configure the Username for the SAML Assertion
Including User Roles in the Assertion
Changing the SAML Assertion Issuer Name
How to Configure Oracle Platform Security Services (OPSS) for SAML Policies
Using Kerberos Tokens
Configuring the KDC
Initializing and Starting the KDC
Creating Principals
Configuring the Web Service Client to Use the Correct KDC
Setting the Service Principal Name in the Web Service Client
Setting the Service Principal Name in the Web Service Client at Design Time
Configuring the Web Service to Use the Right KDC
Using the Correct Keytab File in Enterprise Manager
Extract and Export the Keytab File
Modify the krb5 Login Module to use the Keytab File
Authenticating the User Corresponding to the Service Principal
Creating a Ticket Cache for the Web Service Client
Two Ways to Attach Policy Files to Web Service Clients
Client Programmatic Configuration Overrides
Configuration Override Example
Configuring Local Optimization
Authentication-Only Policies and Configuration Steps
oracle/wss_http_token_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss_http_token_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up WebLogic Server
oracle/wss_oam_token_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss_oam_token_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up WebLogic Server
oracle/wss_username_token_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client At Design Time
oracle/wss_username_token_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up WebLogic Server
oracle/wss10_saml_token_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss10_saml_token_service_policy
Settings You Can Change
Properties You Can Configure
Configure the Login Module
How to Set Up WebLogic Server
oracle/wss11_kerberos_token_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss11_kerberos_token_service_policy
Settings You Can Change
Properties You Can Configure
Configure the Login Module
How to Configure WebLogic Server
Message Protection-Only Policies and Configuration Steps
oracle/wss10_message_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss10_message_protection_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
oracle/wss11_message_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Configure the Web Service Client
How to Configure the Web Service Client at Design Time
oracle/wss11_message_protection_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
Message Protection and Authentication Policies and Configuration Steps
oracle/wss_http_token_over_ssl_client_policy
Setting You Can Change
Properties You Can Configure
How to Set Up the Web Services Client
How to Set Up the Web Service Client at Design Time
oracle/wss_http_token_over_ssl_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up WebLogic Server
oracle/wss_saml_token_bearer_over_ssl_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss_saml_token_bearer_over_ssl_service_policy
Settings You Can Change
Properties You Can Configure
Configure the Login Module
How to Set Up Oracle Platform Security Services (OPSS)
oracle/wss_saml_token_over_ssl_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss_saml_token_over_ssl_service_policy
Settings You Can Change
Properties You Can Configure
Configure the Login Module.
How to Set Up WebLogic Server
oracle/wss_username_token_over_ssl_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss_username_token_over_ssl_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up WebLogic Server
oracle/wss10_saml_hok_token_with_message_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss10_saml_hok_token_with_message_protection_service_policy
Configure the Login Module
How to Set Up WebLogic Server
oracle/wss10_saml_token_with_message_integrity_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss10_saml_token_with_message_integrity_service_policy
Settings You Can Change
Properties You Can Configure
Configure the Login Module
How to Set Up WebLogic Server
oracle/wss10_saml_token_with_message_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss10_saml_token_with_message_protection_service_policy
Settings You Can Change
Properties You Can Configure
Configure the Login Module
How to Set Up WebLogic Server
oracle/wss10_saml_token_with_message_protection_ski_basic256_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss10_saml_token_with_message_protection_ski_basic256_service_policy
Settings You Can Change
Properties You Can Configure
Configure the Login Module
How to Set Up WebLogic Server
oracle/wss10_username_id_propagation_with_msg_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss10_username_id_propagation_with_msg_protection_service_policy
Settings You Can Change
Properties You Can Configure
Configure the Login Module
How to Set Up WebLogic Server
oracle/wss10_username_token_with_message_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss10_username_token_with_message_protection_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up WebLogic Server
oracle/wss10_username_token_with_message_protection_ski_basic256_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss10_username_token_with_message_protection_ski_basic256_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up WebLogic Server
oracle/wss10_x509_token_with_message_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss10_x509_token_with_message_protection_service_policy
Settings You Can Change
Attributes You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
oracle/wss11_kerberos_token_with_message_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Set up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss11_kerberos_token_with_message_protection_service_policy
Settings You Can Change
Properties You Can Configure
Configure the Login Module
How to Set Up Oracle Platform Security Services (OPSS)
oracle/wss11_saml_token_with_message_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss11_saml_token_with_message_protection_service_policy
Settings You Can Change
Properties You Can Configure
Configure the Login Module
How to Set Up Oracle Platform Security Services (OPSS)
oracle/wss11_username_token_with_message_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss11_username_token_with_message_protection_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
oracle/wss11_x509_token_with_message_protection_client_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
oracle/wss11_x509_token_with_message_protection_service_policy
Settings You Can Change
Properties You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
Authorization Policies
Determining Which Resources to Protect
oracle/binding_authorization_denyall_policy
Settings You Can Change
Properties You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
oracle/binding_authorization_permitall_policy
Settings You Can Change
Properties You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
oracle/binding_permission_authorization_policy
Settings You Can Change
Attributes You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
oracle/component_authorization_denyall_policy
Settings You Can Change
Properties You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
oracle/component_authorization_permitall_policy
Settings You Can Change
Properties You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
oracle/component_permission_authorization_policy
Settings You Can Change
Properties You Can Configure
How to Set Up Oracle Platform Security Services (OPSS)
WS-Addressing Policies
oracle/wsaddr_policy
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
How to Set Up Oracle Platform Security Services (OPSS)
MTOM Attachment Policies
oracle/wsmtom_policy
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
How to Set Up Oracle Platform Security Services (OPSS)
Reliable Messaging Policies
WS-RM Policy Properties
oracle/wsrm10_policy
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
How to Set Up Oracle Platform Security Services (OPSS)
oracle/wsrm11_policy
How to Set Up the Web Service Client
How to Set Up the Web Service Client at Design Time
How to Set Up Oracle Platform Security Services (OPSS)
Management Policies
oracle/log_policy
Settings You Can Change
Properties You Can Configure
How to Set Up the Web Service or Client
How to Set Up Oracle Platform Security Services (OPSS)
10
Testing Web Services
Testing Your Web Services
Editing the Input Arguments as XML Source
Enabling Authentication
Enabling Quality of Service Testing
Enabling HTTP Transport Options
Stress Testing the Web Service Operation
Disabling the Test Page for a Web Service
11
Monitoring the Performance of Web Services
Overview of Performance Monitoring
When Are Web Service Statistics Started or Reset?
Viewing Web Service Statistics from the Summary Page
Viewing Web Service Statistics for a Server Instance
Viewing Web Service-Specific Statistics
Viewing Endpoint-Specific Operations Statistics
Viewing Policy Security Violations for an Endpoint
Part III Advanced Administration
12
Advanced Administration
Registering Web Services
WSIL Basics
Registering a Web Service
Viewing and Editing a Registered Web Service
Unregistering a Web Service
Auditing Web Services
Configuring Audit Policies
Managing Audit Data Collection and Storage
Viewing Audit Reports
Managing the WSDL
Managing Policy Assertion Templates
Navigating to the Web Services Assertion Templates Page
Viewing an Assertion Template
Searching for an Assertion Template
Creating an Assertion Template
Exporting an Assertion Template
Importing an Assertion Template
Editing an Assertion Template
Deleting an Assertion Template
About the Metadata Store Repository
Adding Security to a Running Client
Managing Policy Accessor, Cache, and Interceptor Properties
13
Creating Custom Assertions
Overview of Custom Assertion Creation
Step 1: Create the Custom Assertion Class
Step 2: Create the Custom Policy File
Step 3: Create the policy-config.xml File
Step 4: Create the JAR File
Step 5: Update Your CLASSPATH
Step 6: Import the Custom Policy File
Step 7: Attach the Custom Policy to a Web Service or Client
14
Managing Horizontal Policy Migration
Overview of Horizontal Policy Migration
Migrating Policies
Migrating Policy Configuration
Migrating Keystores
Migrating Users and Groups
Migrating Credentials
Migrating Username and Password
Migrating Keystores and Encryption Key Passwords
Migrating Oracle Platform Security Services Application and System Policies
Migrating Oracle Platform Security Services Configuration
Migrating Oracle Access Manager Authentication Providers
Migrating SSL
Migrating Kerberos Configuration
Migrating Assertion Templates
15
Diagnosing Problems
Diagnosing Problems with Oracle WSM Policy Manager
Diagnosing Problems Using Logs
Using Diagnostic Logs for Web Services
Setting the Log Level for Diagnostic Logs
Viewing Diagnostic Logs
Filtering Diagnostic Logs
Using Message Logs for Web Services
Configuring Message Logs
Viewing Message Logs
Filtering Message Logs
Reviewing Sample Logs
Sample Log: Oracle WSM Policy Manager Not Available
Sample Log: Security Keystore Not Configured
Sample Log: Certificate Not Available
Configuring a Diagnostic Logger for a Web Service
16
Oracle WSM 11
g
Interoperability
Interoperability with Oracle WSM 10
g
Security Environments
A Note About Oracle WSM 10
g
Gateways
A Note About Third-party Software
Anonymous Authentication with Message Protection (WS-Security 1.0)
Oracle WSM 10
g
Client —>Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —>Oracle WSM 10
g
Web Service
Username Token with Message Protection (WS-Security 1.0)
Oracle WSM 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Oracle WSM 10
g
Web Service
SAML Token (Sender Vouches) with Message Protection (WS-Security 1.0)
Oracle WSM 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Oracle WSM 10
g
Web Service
Oracle Access Manager Security
Oracle WSM 11
g
Client —> Oracle WSM 10
g
Gateway —> Oracle WSM 11
g
Web Service
Mutual Authentication with Message Protection (WS-Security 1.0)
Oracle WSM 10
g
Client —> Oracle WSM 11
g
Web Service )
Oracle WSM 11
g
Client —> Oracle WSM 10
g
Web Service
Username Token Over SSL
Oracle WSM 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Oracle WSM 10
g
Web Service
SAML Token (Sender Vouches) Over SSL (WS-Security 1.0)
Oracle WSM 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Oracle WSM 10
g
Web Service
Interoperability with Oracle Containers for J2EE (OC4J) 10
g
Security Environments
Anonymous Authentication with Message Protection (WS-Security 1.0)
OC4J 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> OC4J 10
g
Web Service
Username Token with Message Protection (WS-Security 1.0)
OC4J 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> OC4J 10
g
Web Service
SAML Token (Sender Vouches) with Message Protection (WS-Security 1.0)
OC4J 10
g
Client —> Oracle WSM 11
g
Web Service)
Oracle WSM 11
g
Client —> OC4J 10
g
Web Service
Mutual Authentication with Message Protection (WS-Security 1.0)
OC4J 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> OC4J 10
g
Web Service
Username token over SSL
OC4J 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> OC4J 10
g
Web Service
SAML Token (Sender Vouches) Over SSL (WS-Security 1.0)
OC4J 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> OC4J 10
g
Web Service
Interoperability with Oracle WebLogic Server 11
g
Web Service Security Environments
Username Token With Message Protection (WS-Security 1.1)
Oracle WebLogic Server 11
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Oracle WebLogic Server 11
g
Web Service
Username Token With Message Protection (WS-Security 1.0)
Oracle WebLogic Server 11
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Oracle WebLogic Server 11
g
Web Service
SAML Token (Sender Vouches) with Message Protection (WS-Security 1.1)
Oracle WebLogic Server 11
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Oracle WebLogic Server 11
g
Web Service
SAML Token (Sender Vouches) with Message Protection (WS-Security 1.0)
Oracle WebLogic Server 11
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Oracle WebLogic Server 11
g
Web Service
Interoperability with Microsoft WCF/.NET 3.5 Security Environments
Username Token with Message Protection (WS-Security 1.1)
Microsoft WCF/.NET 3.5 Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Microsoft WCF/.NET 3.5 Web Service
Interoperability with Oracle Service Bus 10
g
Security Environments
Username Token with Message Protection (WS-Security 1.0)
Oracle Service Bus 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Oracle Service Bus 10
g
Web Service
SAML Token (Sender Vouches) with Message Protection (WS-Security 1.0)
Oracle Service Bus 10
g
Client —> Oracle WSM 11
g
Web Service
Oracle WSM 11
g
Client —> Oracle Service Bus 10
g
Web Service
Part IV WebLogic Web Service Administration
17
Securing and Administering WebLogic Web Services
Steps to Secure and Administer WebLogic Web Services
Attaching Policies to WebLogic Web Services and Clients
Attaching Oracle WSM Policies to WebLogic Web Services
Attaching Oracle WSM Policies to WebLogic Web Service Clients
Attaching WebLogic Web Service Policies to WebLogic Web Services
Attaching WebLogic Web Service Policies to WebLogic Web Service Clients
Part V Reference
A
Web Service Security Standards
Transport Layer Security—SSL
XML Encryption (Confidentiality)
XML Signature (Integrity, Authenticity)
WS-Security
WS-Security Tokens
Username
X.509 Certificate
Kerberos Ticket
SAML Token
WS-Policy
WS-SecurityPolicy
Web Services Addressing (WS-Addressing)
WS-ReliableMessaging
B
Predefined Policies
Security Policies
Authentication Only Policies
oracle/wss_http_token_client_policy
oracle/wss_http_token_service_policy
oracle/wss_oam_token_client_policy
oracle/wss_oam_token_service_policy
oracle/wss_username_token_client_policy
oracle/wss_username_token_service_policy
oracle/wss10_saml_token_client_policy
oracle/wss10_saml_token_service_policy
oracle/wss11_kerberos_token_client_policy
oracle/wss11_kerberos_token_service_policy
Message Protection Only Policies
oracle/wss10_message_protection_client_policy
oracle/wss10_message_protection_service_policy
oracle/wss11_message_protection_client_policy
oracle/wss11_message_protection_service_policy
Message Protection and Authentication Policies
oracle/wss_http_token_over_ssl_client_policy
oracle/wss_http_token_over_ssl_service_policy
oracle/wss_saml_token_bearer_over_ssl_client_policy
oracle/wss_saml_token_bearer_over_ssl_service_policy
oracle/wss_saml_token_over_ssl_client_policy
oracle/wss_saml_token_over_ssl_service_policy
oracle/wss_username_token_over_ssl_client_policy
oracle/wss_username_token_over_ssl_service_policy
oracle/wss10_saml_hok_with_message_protection_client_policy
oracle/wss10_saml_hok_token_with_message_protection_service_policy
oracle/wss10_saml_token_with_message_integrity_client_policy
oracle/wss10_saml_token_with_message_integrity_service_policy
oracle/wss10_saml_token_with_message_protection_client_policy
oracle/wss10_saml_token_with_message_protection_service_policy
oracle/wss10_saml_token_with_message_protection_ski_basic256_client_policy
oracle/wss10_saml_token_with_message_protection_ski_basic256_service_policy
oracle/wss10_username_id_propagation_with_msg_protection_client_policy
oracle/wss10_username_id_propagation_with_msg_protection_service_policy
oracle/wss10_username_token_with_message_protection_client_policy
oracle/wss10_username_token_with_message_protection_service_policy
oracle/wss10_username_token_with_message_protection_ski_basic256_client_policy
oracle/wss10_username_token_with_message_protection_ski_basic256_service_policy
oracle/wss10_x509_token_with_message_protection_client_policy
oracle/wss10_x509_token_with_message_protection_service_policy
oracle/wss11_kerberos_token_with_message_protection_client_policy
oracle/wss11_kerberos_token_with_message_protection_service_policy
oracle/wss11_saml_token_with_message_protection_client_policy
oracle/wss11_saml_token_with_message_protection_service_policy
oracle/wss11_username_token_with_message_protection_client_policy
oracle/wss11_username_token_with_message_protection_service_policy
oracle/wss11_x509_token_with_message_protection_client_policy
oracle/wss11_x509_token_with_message_protection_service_policy
Authorization Only Policies
oracle/binding_authorization_denyall_policy
oracle/binding_authorization_permitall_policy
oracle/binding_permission_authorization_policy
oracle/component_authorization_denyall_policy
oracle/component_authorization_permitall_policy
oracle/component_permission_authorization_policy
WS-Addressing Policies
oracle/wsaddr_policy
MTOM Attachment Policies
oracle/wsmtom_policy
Reliable Messaging Policies
oracle/wsrm10_policy
oracle/wsrm11_policy
Management Policies
oracle/log_policy
C
Predefined Assertion Templates
Security Assertion Templates
Authentication Only Assertion Templates
oracle/wss_http_token_client_template
oracle/wss_http_token_service_template
oracle/wss_oam_token_client_template
oracle/wss_oam_token_service_template
oracle/wss_username_token_client_template
oracle/wss_username_token_service_template
oracle/wss10_saml_token_client_template
oracle/wss10_saml_token_service_template
oracle/wss11_kerberos_token_client_template
oracle/wss11_kerberos_token_service_template
Message-Protection Only Assertion Template
oracle/wss10_message_protection_client_template
oracle/wss10_message_protection_service_template
oracle/wss11_message_protection_client_template
oracle/wss11_message_protection_service_template
Message Protection and Authentication Assertion Templates
oracle/wss_http_token_over_ssl_client_template
oracle/wss_http_token_over_ssl_service_template
oracle/wss_saml_token_bearer_over_ssl_client_template
oracle/wss_saml_token_bearer_over_ssl_service_template
oracle/wss_saml_token_over_ssl_client_template
oracle/wss_saml_token_over_ssl_service_template
oracle/wss_username_token_over_ssl_client_template
oracle/wss_username_token_over_ssl_service_template
oracle/wss10_saml_hok_with_message_protection_client_template
oracle/wss10_saml_hok_with_message_protection_service_template
oracle/wss10_saml_token_with_message_protection_client_template
oracle/wss10_saml_token_with_message_protection_service_template
oracle/wss10_username_token_with_message_protection_client_template
oracle/wss10_username_token_with_message_protection_service_template
oracle/wss10_x509_token_with_message_protection_client_template
oracle/wss10_x509_token_with_message_protection_service_template
oracle/wss11_kerberos_token_with_message_protection_client_template
oracle/wss11_kerberos_token_with_message_protection_service_template
oracle/wss11_saml_token_with_message_protection_client_template
oracle/wss11_saml_token_with_message_protection_service_template
oracle/wss11_username_token_with_message_protection_client_template
oracle/wss11_username_token_with_message_protection_service_template
oracle/wss11_x509_token_with_message_protection_client_template
oracle/wss11_x509_token_with_message_protection_service_template
Authorization Assertion Templates
oracle/binding_authorization_template
oracle/binding_permission_authorization_template
oracle/component_authorization_template
oracle/component_permission_authorization_template
Management Assertions
oracle/security_log_template
Supported Algorithm Suites
Message Signing and Encyrption Settings for Request, Response, and Fault Messages
D
Schema Reference for Predefined Assertions
Graphical Representation
Element Descriptions
wsp:Policy
Attributes
Example
orasp:Assertion
Attributes
Example
orawsp:bindings
Example
orawsp:Config
Attributes
Example
orawsp:PropertySet
Attributes
Example
orawsp:Property
Attributes
Example
orawsp:Description
Example
orawsp:Value
Example
oralgp:Logging
Example
orasp:binding-authorization
Example
orasp:binding-permission-authorization
Example
orasp:coreid-security
Example
orasp:http-security
Example
orasp:kerberos-security
Example
orasp:sca-component-authorization
Example
orasp:sca-component-permission-authorization
Example
orasp:wss10-anonymous-with-certificates
Example
orasp:wss10-mutual-auth-with-certificates
Example
orasp:wss10-saml-hok-with-certificates
Example
orasp:wss10-saml-token
Example
orasp:wss10-saml-with-certificates
Example
orasp:wss10-username-with-certificates
Example
orasp:wss11-anonymous-with-certificates
Example
orasp:wss11-mutual-auth-with-certificates
Example
orasp:wss11-saml-with-certificates
Example
orasp:wss11-username-with-certificates
Example
orasp:wss-saml-token-bearer-over-ssl
Example
orasp:wss-saml-token-over-ssl
Example
orasp:wss-username-token
Example
orasp:wss-username-token-over-ssl
Example
rm:RMAssertion
Example
wsaw:UsingAddressing
Example
wsoma:OptimizedMimeSerialization
Example
oralgp:fault
Example
oralgp:request
Example
oralgp:response
Example
oralgp:msg-log
Example
orasp:attachment
Attributes
Example
orasp:auth-header
Attributes
Examples
orasp:body
Example
orasp:check-permission
Example
orasp:coreid-token
Attributes
Example
orasp:denyAll
Example
orasp:element
Attributes
Example
orasp:encrypted-elements
Example
orasp:encrypted-parts
Example
orasp:fault
Example
orasp:header
Attributes
Example
orasp:kerberos-token
Attributes
Example
orasp:msg-security
Attributes
Example
orasp:permitAll
Example
orasp:request
Example
orasp:require-tls
Attributes
Examples
orawsp:resource-match
Examples
orasp:response
Example
orasp:role
Attribute
Example
orasp:saml-token
Attributes
Example
orasp:signed-elements
Example
orasp:signed-parts
Example
orasp:username-token
Attributes
Example
orasp:x509-token
Attributes
Example
orawsp:action-match
Examples
orawsp:Description
Example
orawsp:guard
Examples
E
Schema Reference for Custom Assertions
Graphical Representation
Element Descriptions
wsp:Policy
Attributes
Example
orasp:Assertion
Attributes
Example
orawsp:bindings
Example
orawsp:Implementation
Example
orawsp:Config
Attributes
Example
orawsp:PropertySet
Attributes
Example
orawsp:Property
Attributes
Example
orawsp:Description
Example
orawsp:Value
Example
Scripting on this page enhances content navigation, but does not change the content in any way.