Sun Java System Access Manager 7.1 Federation and SAML Administration Guide

Web Services and Security

Access Manager defines a variety of security mechanisms for protecting web services. It includes security mechanisms from both the Liberty ID-WSF Security Mechanisms Specification and the WS-Security version 1.x specifications. The SOAP Binding Service is where security is configured. It can be configured globally for all the services hosted by Access Manager to limit the accepted security mechanisms or, each web service can define it's own security mechanisms for more fine-grained security. The primary advantage of deploying the web services using Access Manager is that web services security is handled by the Access Manager allowing application developers to concentrate on the business logic of their web service. There are blueprints available that present solutions for developing secure web services by enabling application-level or message-level security. They can be found on the open development web site for the Java BluePrints Project.


Note –

These blueprints require that Access Manager be deployed in an instance of Application Server 9 (which is not a supported container on Sun Java Enterprise System 5).