Skip Headers
Oracle® Application Server Web Services Security Guide
10
g
Release 3 (10.1.3)
B15979-01
Home
Solution Area
Contents
Index
Previous
Next
List of Examples
1-1 Contents of the SOAP <Envelope> Element
1-2 XML Representation of Signed Data
1-3 XML Representation of Credit Card Data
1-4 XML Representation of Encrypted Credit Card Data
2-1 Security Elements in the Server-Side Configuration File
2-2 Security Elements in the Client-Side Configuration File
3-1 Configuration for a Web Service Application Keystore
3-2 Username Token Configuration for the Server Side
3-3 Sample Nonce Cache Configuration (javacache.xml)
3-4 Username Token Configuration for the Client Side
3-5 Configuration for the cbhandler-name Attribute
3-6 Callback Handler for s Username Token
3-7 Using Stub Properties to Access a Web Service
3-8 Setting the User Name Variable for COREid in the Username Login Module
3-9 Setting the Password Variable for COREid in the Username Login Module
3-10 CoreIDLoginModule for Username Token Authentication
3-11 X.509 Token Configuration for the Server Side
3-12 Mapping a User to an X.509 Certificate
3-13 X.509 Token Configuration for the Client Side
3-14 X.509 Token with a Subject Key Identifier
3-15 Signing the X.509 Token in an Outbound Message
3-16 Setting the CN Variable for the COREid Login Module for X.509 Authentication
3-17 CoreIDLoginModule for X.509 Token Authentication
3-18 Verifying a SAML Token
3-19 Mapping a SAML Assertion Subject
3-20 Configuration for a Sender-Vouches (Signed) Confirmation Method
3-21 Configuration for a Sender Vouches (Unsigned) Confirmation Method
3-22 Configuration for a Holder of Key Confirmation
3-23 Sample Implementation of a SAML Token Callback Handler
3-24 Configuration to Retrieve a SAML Token
3-25 Setting the SAML Subject Variable for the COREid Login Module for SAML Authentication
3-26 Using the COREid and SAML Login Modules for SAML Subject Authentication
3-27 Sample Configuration to Authenticate SAML Tokens for an External LDAP Provider
3-28 Encrypting the SOAP Message Body
3-29 Decrypting the body of a SOAP Message
3-30 Encrypting a User Name Token Element
3-31 Decrypting a SOAP Message Element
3-32 Decrypting Inbound Messages
3-33 Signing a SOAP Message Element
3-34 Configuration for Verifying a Signature for an Element
3-35 Signing a Message Body with a Subject Key Identifier
3-36 Configuration to Add a Timestamp to Outbound Messages
3-37 Configuring Timestamp Verification on Inbound Messages
3-38 Setting Clock Skew Between the Client and Web Service Application
3-39 Client-Side Deployment Descriptor Configured for SAML Token, Encryption, and Signature
3-40 Server-Side Deployment Descriptor Configured for SAML Token, Encryption, and Signature
4-1 Sample Server-Side Configuration File for Port-Level Username Token Verification
4-2 Sample Server-Side Configuration File for Operation Level Username Token Verification
4-3 Sample Server-Side Configuration File with Keystore and Inbound Policy for Decryption and Signature Verification
4-4 Sample Server-Side Configuration File with Operation-Level Decryption and Signature Verification
4-5 Sample Client-Side Web Services Configuration File with Port-Level Username Token Security
4-6 Sample Client-Side Web Services Configuration File with Port Level Signature and Encryption Security
4-7 <ejb-transport-security-constraint> Element in oracle-webservices.xml
4-8 <ejb-transport-login-config> Element in oracle-webservices.xml
4-9 Accessing a Secured Service from a J2SE Client with Stub Properties
4-10 Accessing a Secured Service from a Static J2EE Client Configuration
4-11 Accessing a Secured Service from a J2EE Client Programmatically
4-12 Obtaining the Name of an Authenticated User with the AccessControlContext API
4-13 Obtaining the Name of an Authenticated User with the ServiceLifeCycle API
A-1 Contents of the oracle-webservices-security-10_0.xsd Security Schema