Home
/
Middleware
/
Oracle Web Services Manager
1/8
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New in This Guide
New and Changed Features for 12
c
(12.1.2)
Other Significant Changes in this Book
1
Introducing Oracle Web Services Manager
1.1
OWSM Overview
1.2
OWSM Features
1.3
OWSM Architecture
2
Understanding the OWSM Policy Framework
2.1
Overview of OWSM Policy Framework
2.1.1
OWSM Policy Framework Components
2.1.2
OWSM Agent and Policy Manager Interaction
2.1.3
OWSM Agent and Policy Manager Characteristics
2.1.4
OWSM Agent and Policy Manager Request Flow
2.1.5
OWSM Configuration Artifacts
2.2
Understanding Policies
2.3
Building Policies Using Policy Assertions
2.3.1
Defining Multiple Policy Alternatives (OR Groups)
2.4
Understanding Policy Subjects
2.5
Attaching Policies to Policy Subjects
2.5.1
Direct Policy Attachment
2.5.2
Global Policy Attachments Using Policy Sets
2.5.2.1
Subject Types and Scope of Resources
2.5.2.2
Typical Uses for Global Policy Attachments
2.6
How Policies are Executed
2.7
OWSM Predefined Policies and Assertion Templates
2.8
Overriding Security Policy Configuration
2.9
Recommended Naming Conventions for Policies
3
Understanding Web Service Security Concepts
3.1
Overview of Web Service Security
3.1.1
Web Service Security Requirements
3.2
Understanding Transport-level and Application-level Security
3.3
Understanding Authentication
3.3.1
Digest Authentication
3.4
Understanding Authorization
3.5
Understanding Message Protection
3.5.1
Message Encryption
3.5.2
Message Signing (XML Signature)
3.6
Understanding Keys and Certificates
3.6.1
Overview of Private Keys and Certificates
3.6.2
How Different Security Policies Use Private Keys and Certificates
3.6.2.1
Message Protection Policy Types
3.6.2.2
Authentication Token Policy Types
3.6.3
How OWSM Locates Keystore And Key Passwords for the JKS Keystore
3.6.4
Setting Up Private Keys and Certificates for SSL Policies
3.6.5
Setting up Private Keys and Certificates for Message Protection Policies
3.7
How OWSM Uses the Credential Store
3.8
Understanding Security Policies
3.9
Understanding Security Tokens
3.9.1
Username Token
3.9.2
X.509 Certificate
3.9.3
Kerberos Token
3.9.4
SAML Token
3.10
Understanding Secure Attachments
3.11
Understanding Secure Conversation
3.11.1
Why Use WS-SecureConversation
3.11.1.1
Using WS-SecureConversation With WS-ReliableMessaging
3.11.2
WS-SecureConversation Architecture
3.11.3
When To Use WS-SecureConversation
3.11.4
When To Use Re-Authentication
3.11.5
Using Basic Mode Versus Advanced Mode
3.11.6
Persistence
3.11.6.1
Default Domain-Wide Persistence Implementation
3.11.6.2
Client- and Web Service-Specific Persistence Implementation
3.12
Understanding the Kerberos Protocol
3.12.1
Credential Delegation in Kerberos
3.12.2
Kerberos and SPNEGO
3.12.3
Kerberos and WS-SecureConversation Derived Keys
3.13
Understanding Web Services Addressing
3.14
Understanding Web Services Trust
3.15
Understanding Web Services ReliableMessaging
A
Web Service Security Standards
Scripting on this page enhances content navigation, but does not change the content in any way.