Skip Headers
Oracle® Application Server Web Services Security Guide
10
g
(10.1.3.1.0)
Part Number B28976-01
Home
Book List
Contents
Index
Contact Us
Previous
Next
View PDF
List of Examples
1-1 Contents of the SOAP <Envelope> Element
1-2 XML Representation of Signed Data
1-3 XML Representation of Credit Card Data
1-4 XML Representation of Encrypted Credit Card Data
2-1 Security Configuration Elements in the Server-Side Configuration File
2-2 Security Configuration Elements in the Client-Side Configuration File
3-1 Configuration for a Web Service Application Keystore
3-2 Username Token Configuration for the Server Side
3-3 Sample Nonce Cache Configuration (javacache.xml)
3-4 Username Token Configuration for the Client Side
3-5 Callback Handler for a Username Token
3-6 Configuration for the cbhandler-name Attribute
3-7 Using Stub Properties to Access a Web Service
3-8 Setting the User Name Variable for Oracle Access Manager in the Username Login Module
3-9 Setting the Password Variable for Oracle Access Manager in the Username Login Module
3-10 CoreIDLoginModule for Username Token Authentication
3-11 X.509 Token Configuration for the Server Side
3-12 Mapping a User to an X.509 Certificate
3-13 X.509 Token Configuration for the Client Side
3-14 X.509 Token with a Subject Key Identifier
3-15 Signing the X.509 Token in an Outbound Message
3-16 Setting the CN Variable for the Oracle Access Manager Login Module for X.509 Authentication
3-17 CoreIDLoginModule for X.509 Token Authentication
3-18 Verifying a SAML Token
3-19 Mapping a SAML Assertion Subject
3-20 Configuration for a Sender-Vouches (Signed) Confirmation Method
3-21 Configuration for a Sender Vouches (Unsigned) Confirmation Method
3-22 Configuration for a Holder of Key Confirmation
3-23 Sample Implementation of a SAML Token Callback Handler
3-24 Configuration to Retrieve a SAML Token
3-25 Setting the SAML Subject Variable for the Oracle Access Manager Login Module for SAML Authentication
3-26 Using the Oracle Access Manager and SAML Login Modules for SAML Subject Authentication
3-27 Sample Configuration to Authenticate SAML Tokens for an External LDAP Provider
3-28 Encrypting the SOAP Message Body
3-29 Decrypting the body of a SOAP Message
3-30 Encrypting a User Name Token Element
3-31 Decrypting a SOAP Message Element
3-32 Decrypting Inbound Messages
3-33 Signing a SOAP Message Element
3-34 Configuration for Verifying a Signature for an Element
3-35 Signing a Message Body with a Subject Key Identifier
3-36 Configuration to Add a Timestamp to Outbound Messages
3-37 Configuring Timestamp Verification on Inbound Messages
3-38 Setting Clock Skew Between the Client and Web Service Application
3-39 Client-Side Deployment Descriptor Configured for SAML Token, Encryption, and Signature
3-40 Server-Side Deployment Descriptor Configured for SAML Token, Encryption, and Signature
4-1 Sample Server-Side Configuration File for Port-Level Username Token Verification
4-2 Sample Server-Side Configuration File for Operation Level Username Token Verification
4-3 Sample Server-Side Configuration File with Keystore and Inbound Policy for Decryption and Signature Verification
4-4 Sample Server-Side Configuration File with Operation-Level Decryption and Signature Verification
4-5 Sample Client-Side Web Services Configuration File with Port-Level Username Token Security
4-6 Sample Client-Side Web Services Configuration File with Port Level Signature and Encryption Security
4-7 <ejb-transport-security-constraint> Element in oracle-webservices.xml
4-8 <ejb-transport-login-config> Element in oracle-webservices.xml
4-9 Sample genProxy Command
4-10 Sample Client Configuration File for WS-Security Username Token Authentication
4-11 Providing a Username and Password Programatically
4-12 Sample HTTP Authentication Configuration in an orion-*.xml File
4-13 Sample genProxy Command
4-14 Sample Client Configuration File for WS-Security Username Token Authentication
4-15 Obtaining the Name of an Authenticated User with the AccessControlContext API
4-16 Obtaining the Name of an Authenticated User with the ServiceLifeCycle API
A-1 Contents of the oracle-webservices-security-10_0.xsd Security Schema