Skip Headers
Oracle® Application Server Web Services Security Guide
10g Release 3 (10.1.3)
B15979-01
  Go To Documentation Library
Home		 Go To Product List
Solution Area		 Go To Table Of Contents
Contents
Previous
Previous		  

Index

A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  R  S  T  U  V  W  X 

Symbols

<add-timestamp> element, 2.1.5.5, 3.7.1, 3.7.2, 3.7.7.1
<attribute> element, 2.1.5.3
<auth-password> element, 2.1.5.4
<auth-user-name> element, 2.1.5.4
<call-property> element, 4.5.5.2.1, 4.5.5.2.1
<confirmation-method> element, 2.1.4.3, 2.1.5.3, 3.5.1.1, 3.5.2.2.6
<control-flag> element, 3.5.3.1, 3.5.3.2
<decrypt> element, 2.1.4.5, 3.6.2, 3.6.8, 4.1.1, 4.1.2
<DigestValue> element, 1.1.5
<ejb-transport-login-config> element, 4.5.4, 4.5.4
<ejb-transport-security-constraint> element, 4.5.4
<encrypt> element, 2.1.5.6, 3.6.1, 4.1.1, 4.1.2
<encryption> element, 2.1.5
<encryption-key> element, 2.1.2, 3.1.2.2, 3.6
<encryption-method> element, 2.1.5.6, 3.6.1, 3.6.2
<encryption-methods> element, 2.1.4.5
<endpoint-address> element, 2.1.5.4
<endpoint-address-uri> element, 4.5.4
<Envelope> element, 1.1.1
<generated_name>_Stub.xml client deployment descriptor, 1.1.2.1, 2, 2, 2.1.4, 2.1.5, 3.1.2.2, 3.3.2, 3.3.2.4, 3.4.2, 3.4.2.3, 3.4.2.5, 3.5.2, 3.5.2, 3.5.2.2, 3.7.4, 4.1.1, 4.1.1, 4.1.2, 4.1.2, 4.3
<inbound> element, 2, 3.3.1.1, 3.4.1.1, 3.5.1.1, 3.7.2
<KeyInfo> element, 1.1.5
<key-store> element, 2.1.1, 3.1.2.2
<keytransport-method> element, 2.1.5.6, 3.6.1, 3.6.2
<keytransport-methods> element, 2.1.4.5
<login-module> element, 3.3.3.1, 3.4.3.1, 3.5.3.1
<name> element, 4.5.5.2.1
<name-identifier> element, 2.1.5.3
<nonce-config> element, 2.1.3
<outbound> element, 2, 3.6.1, 3.7.1
<property> element, 3.4.2.3, 3.7.6
<recipient-key> element, 2.1.5.6, 3.6.1
<Reference> element, 1.1.5
<require-signature> element, 2.1.5.4, 3.5.2.6
<saml-authority> element, 2.1.5.3, 2.1.5.4, 3.5.2.6
<saml-token> element, 2.1.5, 2.1.5.3, 3.5.2.2.1, 3.5.2.2.5, 3.5.2.6, 4.1.1, 4.1.2
<saml-token> element, configuring, 3.5.2.1
<security> element, 2.1.4, 3.1.2.2, 4.2.1, 4.3.1
<service-ref-mapping> element, 4.5.5.2.1
<signature> element, 2.1.5, 2.1.5.5, 3.5.2.2.5, 3.7.1, 4.1.1, 4.1.2
<signature-key> element, 2.1.2, 3.1.2.2, 3.7
<SignatureMethod>, 1.1.5
<signature-method> element, 3.5.2.2.5, 3.7.1, 3.7.2
<signature-methods> element, 2.1.4.4, 2.1.5.5
<SignatureValue> element, 1.1.5
<SignedInfo> element, 1.1.5
<subject-confirmation-method> element, 2.1.4.3, 3.5.1.1, 3.5.1.1
<tbe-element> element, 3.6.3, 3.6.5
<tbe-elements> element, 2.1.4.5, 2.1.5.6, 3.6.1, 3.6.2
<tbs-element> element, 3.7.5
<tbs-elements> element, 2.1.4.4, 2.1.5.5, 3.7.1, 3.7.2
<use-request-cert> element, 2.1.5.6, 3.6.1
<username-token> element, 2, 2.1.5, 2.1.5.1, 3.3.2.3, 4.3.1
<username-token> element, configuring, 3.3.2.1
<value> element, 4.5.5.2.1
<verify-saml-token> element, 2.1.4, 2.1.4, 2.1.4.3, 2.1.4.3, 4.1.1, 4.1.2
<verify-saml-token> element, configuring, 3.5.1.1
<verify-signature> element, 2.1.4.4, 3.7.2, 3.7.7, 4.1.1, 4.1.2
<verify-timestamp> element, 2.1.4.4, 3.7.1, 3.7.2, 3.7.7.2
<verify-username-token> element, 2, 2.1.4, 2.1.4, 2.1.4.1, 4.2.1, 4.2.2
<verify-username-token> element, configuring, 3.3.1.1
<verify-x509-token> element, 2.1.4, 2.1.4, 2.1.4.2, 4.1.1, 4.1.2
<verify-x509-token> element, configuring, 3.4.1.1
<x509-token> element, 2.1.5, 2.1.5.2, 3.4.2.1, 4.1.1, 4.1.2

A

AccessControlContext class, to access user credentials, 4.7.1
AccessController class, to access user credentials, 4.7.1
add-created attribute, 2.1.5.1, 3.3.2.1
add-nonce attribute, 2.1.5.1, 3.3.2.1
alias attribute, 2.1.2, 2.1.2, 2.1.5.6
Ant tasks, for the WebServicesAssembler tool, 4.6
Apache software
license, C.1.1
Application Server Control
support for Oracle Application Server Web Service Security, 1.3.1
architecture, Oracle Application Server Web Services Security, 1.2.3
assemble command (WebServicesAssembler tool), 4.1.2
assembling a secure Web service, 4
bottom up, 4.1.2
top down, 4.1.1
assertion issuer, 3.5.1.4
assertion subject
configuring a name, 3.5.2.2.1
configuring a name format, 3.5.2.2.1
mapping to name identifiers, 3.5.1.3
attributes statements, for SAML, 3.5.2.2.3
attributes.properties file, 3.5.2.2.3
authentication, 1.1
creating user information, 4.3.3
elements, 2.1.4
authentication errors
troubleshooting, 6.5
authentication information
passing dynamically, 4.5.5.2.2
passing in a deployment descriptor, 4.5.5.2.1
authentication statements, for SAML, 3.5.2.2.3

B

basic authentication, transport level, 4.5.1
basic authentication, use case, 5.2.2.1
basic Web service, use case, 5.1.1
bottom up Web service assembly, 4.1.2

C

cache-ttl attribute, 2.1.3
Call interface, 4.5.5
callback handler
for the SAML token, 3.5.2.5
for the username token, 3.3.2.2
cbhandler-name attribute, 2.1.5.1, 2.1.5.3, 3.3.2.2, 3.5.2.2.7
Certificate Authority (CA), 3.1.1.1
certificates
loading with Java Keystore, 3.1.1.2.1
obtaining from a Certificate Authority, 3.1.1.1
self-signed, 3.1.1.3.1
user, 3.1.1.3.2
client certification authentication, transport level, 4.5.3
client code, generating, 4.1.1
client interceptor, 1.2.2, 1.2.2.2
client JAR files, for security, 4.4
client-side security configuration files, 4.3
clock skew, adjusting, 3.7.8
clock-skew attribute, 2.1.3, 4.2.4
clock-skew property, 3.7.2, 3.7.7, 3.7.8
CN (common-name), 3.4.1.3
common name (CN), 3.4.1.3
complex business processes, use case, 5.1.2
configuration file for security
creating for the client-side, 4.3, 4.3.1, 4.3.2
creating for the server-side, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4
confirmation methods
configuring, 3.5.2.2.4
holder-of-key, 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
holder-of-key, configuring, 3.5.2.2.7
sender-vouches (signed), 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
sender-vouches (signed), configuring, 3.5.2.2.5
sender-vouches (unsigned), 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
configuring, 3.5.2.2.6
COREid
CoreIDLoginModule, 3.3.3.1, 3.4.3.1, 3.5.3.1
security provider, 1.2.4.4
security provider for SAML token, 3.5.3.1
security provider for username token, 3.3.3.1
security provider for X.509 token, 3.4.3.1
CoreIDLoginModule
for COREid security provider, 3.3.3.1, 3.4.3.1, 3.5.3.1
coreid.name.attribute property, 3.3.3.1, 3.4.3.1, 3.5.3.1
coreid.password.attribute property, 3.3.3.1
created attribute, 2.1.4.4, 2.1.5.5, 3.7.7.1

D

ddFileName argument (WebServicesAssembler tool), 3.3.1.3, 3.3.2.4, 3.4.1.4, 3.4.2.5, 4.1.1, 4.1.1, 4.1.2, 4.1.2
decryption
decrypting elements of a SOAP message, 3.6.6
decryption elements, 2.1.4.5
deployment descriptor
<generated_name>_Stub.xml (client), 2, 2.1.4, 2.1.5, 4.1.1, 4.1.1, 4.1.2, 4.1.2, 4.3
oracle-webservices.xml, 2, 2.1.4, 2.1.5, 4.1.1, 4.1.1, 4.1.2
webservices.xml, 4.1.1
web.xml, 4.1.1
deployment descriptors
passing authentication information, 4.5.5.2.1, 4.5.5.2.2
deployment, testing, 4.1.1, 4.1.2
digest authentication, transport level, 4.5.2
digest authentication, use case, 5.2.2.2
digest password, for a nonce configuration, 3.3.1.2
distinguished name (DN), 3.4.1.3
DN (distinguished name), 3.4.1.3

E

ear/META-INF directory, 4.1.1, 4.1.2
EJBs
adding transport level security, 4.5.4
encryption
algorithms, 2.1.4.5
configuring, 3.6
configuring for inbound messages, 3.6.2
configuring for outbound messages, 3.6.1
decrypting elements of a SOAP message, 3.6.6
defined, 1.1.6
elements, 2.1.5.6
encrypting a SOAP message body, 3.6.3
encrypting elements of a SOAP message, 3.6.5
encryption key element, 2.1.2
expiry attribute, 2.1.4.4, 2.1.5.5, 3.7.7.1, 4.2.4

F

federated Web services, use case, 5.1.4

G

gateways
use cases, 5.6
general errors
troubleshooting, 6.1
genInterface command (WebServicesAssembler tool), 4.1.1
genProxy command (WebServicesAssembler tool), 3.3.2.4, 3.4.2.5, 4.1.1, 4.1.2
global-level policy, 1.1.2.3

H

helper class methods, for stub properties, 4.5.5.1
Holder-Of-Key attribute, 2.1.4.3, 2.1.5.3
holder-of-key confirmation method, 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
configuring, 3.5.2.2.7
HTTP security, use case, 5.2

I

identity management
use cases, 5.7
identity propagation
of SAML assertion subjects, 3.5.2.4
using the oracle.security.wss.propagate.identity property, 3.5.2.4
inbound policy, 1.1.2.1
interceptors
client, 1.2.2, 1.2.2.2
data flow, 1.2.2.2
framework, 1.2.2
integration with OC4J security framework, 1.2.4
service, 1.2.2, 1.2.2.1
interoperability
use cases, 5.8
issuer name, configuring, 3.5.2.2.2
issuer.keystorepassword.N, SAMLLoginModule option, 3.5.1.4
issuer.keystorepath.N, SAMLLoginModule option, 3.5.1.4
issuer.keystoretype.N, SAMLLoginModule option, 3.5.1.4
issuer-name attribute, 2.1.5.3, 3.5.2.2.2
issuer.name.N, SAMLLoginModule option, 3.5.1.4
issuer.trustpointalias.N, SAMLLoginModule option, 3.5.1.4

J

J2EE client
accessing a secured service, 4.5.5.2
accessing services secured on the transport level, 4.5.5
J2SE client
accessing a secured service, 4.5.5.1
accessing services secured on the transport level, 4.5.5
JAAS, 1.2.4.1
JAR files, for security, 4.4
Java Keystore (JKS), 3.4.1.2, 3.4.2.2, 3.5.1.2, 3.5.2.7, 3.6
certreq command, 3.1.1.2.1
creating, 3.1.1.2
creating private keys, 3.1.1.2.1
genKey command, 3.1.1.2.1
import command, 3.1.1.2.1, 3.1.1.2.1
keytool utility, 3.1.1.2.1
list command, 3.1.1.2.1
loading certificates, 3.1.1.2.1
using, 3.1.1.2
javacache.xml file, 3.3.1.2
java.security.AccessControlContext, 4.7.1
java.security.AccessController, 4.7.1
javax.security.auth.Namecallback, 2.1.5.1, 3.3.2.2
javax.security.auth.Passwordcallback, 2.1.5.1, 3.3.2.2
javax.security.auth.Subject, 4.7.1
javax.xml.rpc.Call, 4.5.5
javax.xml.rpc.security.auth.username property, 4.5.5.2.1
javax.xml.rpc.server.ServiceLifecycle, 4.7.2
javax.xml.rpc.server.ServletEndpointContext, 4.7.2
javax.xml.rpc.Stub, 3.5.2.3, 4.5.5
jazn-data.xml file, 3.4.1.3
jazn.xml file, 3.4.1.3, 3.5.1.3
JDeveloper
support for Oracle Application Server Web Service Security, 1.3.2

K

key transport algorithms, 2.1.4.5
key-pass attribute, 2.1.2, 2.1.2, 2.1.5.6
keys
application keys, creating, 3.1.2.2
instance keys, creating, 3.1.2.1
keys, using multiple keys to decrypt messages, decryption
using multiple keys, 3.6.8
keystore
application keystores, creating, 3.1.2.2
configuring for an X.509 token, 3.4.1.2
configuring for SAML token, 3.5.1.2
configuring for SAMl token, 3.5.2.7
configuring for X.509 token, 3.4.2.2
creating, 3.1.1
defined, 1.1.11.4
instance keystores, creating, 3.1.2.1
keystore-related errors
troubleshooting, 6.2
keytool utility, 3.1.1.2.1

L

LDAP provider, SAML token authentication, 3.5.3.2
LDAP repository, 3.4.1.3
LDAPLoginModule, 3.5.3.2
local-part attribute, 2.1.4.4, 2.1.4.5, 2.1.5.5, 2.1.5.6, 3.6.3, 3.6.5, 3.6.6, 3.7.4, 3.7.5

M

mapping-attribute attribute, 3.4.1.3, 3.4.1.3, 3.5.1.3
default values, 3.4.1.3
message confidentiality errors
troubleshooting, 6.4
message integrity errors
troubleshooting, 6.3
message-level security, 1.1.8
mode attribute, 2.1.4.5, 2.1.5.6, 3.6.5, 3.6.6

N

name attribute, 2.1.5.1, 2.1.5.3, 3.3.2.1, 3.5.2.2.1
name identifier formats, for SAML tokens, 3.5.1.3
Namecallback, 2.1.5.1, 3.3.2.2
name-format attribute, 2.1.5.3, 3.5.2.2.1
name-space attribute, 2.1.4.4, 2.1.4.5, 2.1.5.5, 2.1.5.6, 3.6.5, 3.6.6, 3.7.4, 3.7.5
nonce
configuration, 2.1.3
digest password configuration, 3.3.1.2
username token configuration, 3.3.1.1
non-secured Web services, use cases, 5.1

O

operation-level policy, 1.1.2.5
Oracle Application Server Web Services Security
Application Server Control support, 1.3.1
architecture, 1.2.3
JDeveloper support, 1.3.2
supported standards, 1.2.1
tool support, 1.3
Oracle HTTP Server
third party licenses, C
Oracle Identity Management (OID), 1.2.4.2
Oracle Wallet, 3.4.1.2, 3.4.2.2, 3.5.1.2, 3.5.2.7, 3.6
add command, 3.1.1.3.1, 3.1.1.3.2, 3.1.1.3.2
cert create command, 3.1.1.3.2
create command, 3.1.1.3.1
creating, 3.1.1.3
creating self-signed certificates, 3.1.1.3.1
creating user certificates, 3.1.1.3.2
defined, 1.1.11.4
display command, 3.1.1.3.1, 3.1.1.3.2, 3.1.1.3.2
export command, 3.1.1.3.1, 3.1.1.3.2, 3.1.1.3.2
orapki utility, 3.1.1.3
using, 3.1.1.3
Oracle Web Services Manager (OWSM), 1.3.3
access control, 1.3.3
policy management, 1.3.3
single sign-on, 1.3.3
oracle.security.wss.propagate.identity property, 3.5.2.4, 3.5.3.3
oracle.security.wss.signwithski property, 3.4.2.3, 3.7.6
oracle-webservcies.xml deployment descriptor, 1.1.2.1
oracle-webservices-security-10_0.xsd listing, A.1
oracle-webservices.xml deployment descriptor, 2, 2, 2, 2, 2.1, 2.1.4, 2.1.5, 3.1.2.2, 3.3.1, 3.3.1.3, 3.4.1, 3.4.1.4, 3.7.4, 4.1.1, 4.1.1, 4.1.2, 4.2
oracle-werbservices.xml deployment descriptor, 4.5.4
orapki utility, 3.1.1.3
orion-ejb-jar.xml deployment descriptor, 4.5.4
orion-web.xml deployment descriptor, 4.5.4
outbound elements, 2.1.5
outbound policy, 1.1.2.2
output argument (WebServicesAssembler), 4.1.2

P

password attribute, 2.1.5.1, 3.3.2.1
password indirection, configuring, 3.1.3
Passwordcallback, 2.1.5.1, 3.3.2.2
password-type attribute, 2.1.4.1, 2.1.5.1, 3.3.1.1
path attribute, 2.1.1
policies
defined, 1.1.2
global-level, 1.1.2.3
inbound policy, 1.1.2.1
operation-level, 1.1.2.5
outbound policy, 1.1.2.2
port-level, 1.1.2.4
policy management, with Oracle Web Services Manager, 1.3.3
port-level policy, 1.1.2.4
private keys, creating with Java Keystore, 3.1.1.2.1

R

replay attacks, preventing, 3.7.7
request envelope, defined, 1.1.3
require-created attribute, 2.1.4.1, 3.3.1.1
require-nonce attribute, 2.1.4.1, 3.3.1.1
response envelope, defined, 1.1.4

S

SAML authority (third party), retrieving a SAML token, 3.5.2.6
SAML elements, 2.1.4.3
SAML token
assertion issuer, 3.5.1.4
assertion subject
configuring by identity propagation, 3.5.2.4
configuring with Stub properties, 3.5.2.3
attributes statements, 3.5.2.2.3
attributes.properties file, 3.5.2.2.3
authenticating with a third party LDAP provider, 3.5.3.2
authentication, 3.5.1.4
authentication statements, 3.5.2.2.3
client configuration, 3.5.2
configuring assertion subject name and format, 3.5.2.2.1
COREid security provider, 3.5.3.1
dynamic client configuration, 3.5.2.4
integrating with security providers, 3.5.3
issuer name, configuring, 3.5.2.2.2
keystore configuration, 3.5.1.2, 3.5.2.7
mapping the assertion subject, 3.5.1.3
name identifier formats, 3.5.1.3
oracle.security.wss.propagate.identity property, 3.5.3.3
retrieving from a third-party SAML authority, 3.5.2.6
server configuration, 3.5.1
setting SAMLLoginModule options, 3.5.1.4
static and dynamic configurations, combining, 3.5.2.8
static client configuration, 3.5.2.2
Stub properties, 3.5.2.3
writing a callback handler, 3.5.2.5
SAML token elements, 2.1.5.3
for retrieving SAML tokens, 2.1.5.4
SAML token profile, use case, 5.3.1.3
SAML tokens, 1.1.11.3
source URL, 1.2.1
SAML, configuring Single Sign-On, 3.5.3.3
SAML, defined, 1.1.7
SAMLLoginModule, 3.5.1, 3.5.1.2, 3.5.1.3, 3.5.1.4, 3.5.3.2
SAMLLoginModule options
issuer.keystorepassword.N, 3.5.1.4
issuer.keystorepath.N, 3.5.1.4
issuer.keystoretype.N, 3.5.1.4
issuer.name.N, 3.5.1.4
issuer.trustpointalias.N, 3.5.1.4
SAMLP, 2.1.5.4, 3.5.2
SAMLTokenCallback call back handler, 2.1.5.3
secure client code, generating, 4.1.1
secure sockets layer, use case, 5.2.1
secure Web service
assembling, 4
assembling bottom up, 4.1.2
assembling top down (from a WSDL), 4.1.1
secured service
accessing from a J2EE client, 4.5.5.2
accessing from a J2SE client, 4.5.5.1
security
administratrion, 3
client JAR files, 4.4
message-level, 1.1.8
threats and solutions, B
transport-level, 1.1.9
security elements, described, 2.1
security framework
integration with interceptors, 1.2.4
security providers
integrating with SAML tokens, 3.5.3
integrating with security tokens, 3.2
integrating with username tokens, 3.3.3
integrating with X.509 tokens, 3.4.3
security schema, listing, A.1
security tokens
integrating with security providers, 3.2
self-signed certificates, 3.1.1.3.1
sender-vouches (signed) confirmation method, 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
configuring, 3.5.2.2.5
sender-vouches (unsigned) confirmation method, 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
sender-vouches (unsigned) confirmation method, configuring, 3.5.2.2.6
Sender-Vouches attribute, 2.1.4.3, 2.1.5.3
Sender-Vouches-Unsigned attribute, 2.1.4.3, 2.1.5.3
server
acccessing user credentials, 4.7
server-side security configuration files, 4.2
service endpoint interface, 4.1.1
service interceptor, 1.2.2, 1.2.2.1
ServiceLifeCycle interface, to access user credentials, 4.7.2
ServletEndpointContext interface, to access user credentials, 4.7.2
signature
algorithms, 2.1.5.5
computing, 1.1.5
configuring, 3.7
configuring for inbound messages, 3.7.2
configuring for outbound messages, 3.7.1
defined, 1.1.5
elements, 2.1.5.5
signing a SOAP message body, 3.7.3
signing a SOAP message element, 3.7.4
signwithski property, 3.4.2.3, 3.7.6
using a subject key identifier, 3.7.6
verifying signature for SOAP message elements, 3.7.5
signature key element, 2.1.2
signature verification elements, 2.1.4.4
signwithski property, 3.4.2.3, 3.7.6
Single Sign-On, configuring with SAML, 3.5.3.3
single sign-on, with Oracle Web Services Manager, 1.3.3
SOAP message body
encrypting, 3.6.3
signing, 3.7.3
SOAP message elements
decrypting, 3.6.6
encrypting, 3.6.5
signing, 3.7.4
verifying signature, 3.7.5
SOAP, defined, 1.1.1
source URL
SAML tokens, 1.2.1, 1.2.1
username tokens, 1.2.1
Web Service Interoperability, 1.2.1
XML Digital Signature, 1.2.1
XML encryption, 1.2.1
standards
supported by Oracle Application Server Web Services Security, 1.2.1
store-pass attribute, 2.1.1
Stub interface, 3.5.2.3, 4.5.5
Stub properties, for the username token, 3.3.2.3
stub properties, helper class methods, 4.5.5.1
Stub.PASSWORD_PROPERTY, 2.1.5.1, 3.3.2.3, 4.5.5.1, 4.5.5.2.2
Stub.USERNAME_PROPERTY, 2.1.5.1, 3.3.2.3, 3.5.2.3, 4.5.5.1, 4.5.5.2.2
Subject class, to access user credentials, 4.7.1
subject key identifier
authenticating an X.509 token, 3.4.2.3
signing, 3.7.6
system-jazn-data.xml file, 3.1.3, 3.3.3.1, 3.5.3.2, 4.3.3

T

testing deployment, 4.1.1, 4.1.2
third party licenses, C
timestamps, in replay attack prevention, 3.7.7
token-based authentication
use case, 5.3.1
tokens
SAML, 1.1.11.3
username, 1.1.11.1
X.509, 1.1.11.2
tool support
username token, 3.3.2.4
X.509 token, 3.4.1.4, 3.4.2.5
top down Web service assembly, 4.1.1
topDownAssemble command (WebServicesAssembler tool), 4.1.1
transport level security, 1.1.9
accessing Web services, 4.5.5
basic authentication, 4.5.1
client certification authentication, 4.5.3
digest authentication, 4.5.2
transport level security, for EJBs, 4.5.4
troubleshooting
authentication errors, 6.5
general errors, 6.1
keystore-related errors, 6.2
message confidentiality errors, 6.4
message integrity errors, 6.3
type attribute, 2.1.1

U

use cases
basic authentication, 5.2.2.1
basic Web service, 5.1.1
complex business processes, 5.1.2
digest authentication, 5.2.2.2
federated Web services, 5.1.4
gateways, 5.6
HTTP security, 5.2
identity management, 5.7
interoperability, 5.8
non-secured Web services, 5.1
Oracle Web Services Manager (OWSM), 1.3.3
SAML token profile, 5.3.1.3
secure sockets layer, 5.2.1
token-based authentication, 5.3.1
username token profile, 5.3.1.1
Web service intermediaries, 5.1.3
WS-Security, 5.3
X.509 token profile, 5.3.1.2
XML encryption, 5.5
XML signature, 5.4
user certificates, 3.1.1.3.2
user credentials
accessing on the server side, 4.7
username property, 4.5.5.2.1
username token, 1.1.11.1
client configuration, 3.3.2
configuration for the client-side, port level, 4.3.1
configuration for the server-side, operation level, 4.2.2
configuration for the server-side, port level, 4.2.1
configuring nonce cache, 3.3.1.2
COREid security provider, 3.3.3.1
elements, 2.1.5.1
integrating with security providers, 3.3.3
nonce details, 3.3.1.1
passing the user name and password, 3.3.2.3
password details, 3.3.1.1
server configuration, 3.3.1
server-side configuration file, 4.2.1
source URL, 1.2.1
Stub properties, 3.3.2.3
tool support, 3.3.2.4
writing a callback handler, 3.3.2.2
username token profile, use case, 5.3.1.1

V

value attribute, 3.4.2.3, 3.7.6

W

Web Service Home Page, 4.1.1, 4.1.2
Web service intermediaries, use case, 5.1.3
Web Service Interoperability
source URL, 1.2.1
WebServicesAssembler tool
described, 4.6
support for username token, 3.3.2.4
support for X.509 token, 3.4.1.4, 3.4.2.5
webservices.xml JAX-RPC deployment descriptor, 4.1.1
web.xml Web deployment descriptor, 4.1.1
wsmgmt.xml configuration file, 2, 2, 2
WS-Security, defined, 1.1.10
WS-Security, use case, 5.3

X

X.509 certificate
mapping to users, 3.4.1.3
X.509 token, 1.1.11.2
authenticating, 3.4.2.3
client configuration, 3.4.2
COREid security provider, 3.4.3.1
elements, 2.1.5.2
integrating with security providers, 3.4.3
keystore configuration, 3.4.2.2
server configuration, 3.4.1
source URL, 1.2.1
tool support, 3.4.1.4, 3.4.2.5
X.509 token profile, use case, 5.3.1.2
XML Digital Signature, source URL, 1.2.1
XML encryption
use cases, 5.5
XML encryption, source URL, 1.2.1
XML repository, 3.4.1.3
XML signature
use cases, 5.4
XML signature and encryption
client-side
configuration file, 4.3.2
port level, 4.3.2
server-side
configuration file, 4.2.3, 4.2.4
operation level, 4.2.4
port level, 4.2.3
  Previous
Previous
  Go To Documentation Library
Home		 Go To Product List
Solution Area		 Go To Table Of Contents
Contents