This page last changed on Feb 26, 2008.
eDocs Home > BEA AquaLogic Data Services Platform Documentation > Data Services Developer's Guide > Contents How To Configure Security for Web Services ApplicationsALDSP Native Web Services supports the following security features:
Configuring Basic AuthenticationTo use basic authentication, set the Basic Auth Required property of the web services map file to true. For more information, see Web Services Map File Reference. Configuring Transport Level Security (HTTPS)Use the web service map file property editor to change the Transport Type to HTTPS. HTTP is the default. For more information, see Web Services Map File Reference. For HTTPS, you can configure either 1-way or 2-way SSL. For detailed information on transport level security, see the WebLogic Server document Configuring Security: Configuring Transport-Level Security on e-docs. Configuring Web Services Security (WSS)WSS provides message level security. For WSS, ALDSP Native Web Services supports the same standards that are supported by WebLogic Server. For detailed information on WSS, see the WebLogic Server document, Configuring Security: Updating a Client Application to Invoke a Message-Secured Web Service on e-docs. The supported standards include:
To use Web Services Security with an ALDSP web services application:
Specifying PoliciesYou can specify policies for a map file or for individual operations in a map file. Specifying Global PoliciesTo specify a policy for web services security for a map file:
The following listing shows an example .ws file that includes the optional, top-level policies element. Each policy element describes one policy file. The policies element can contain one or more policy elements. The locator attribute contains either an ALDSP locator for the policy file or a fixed URI that describes the location of the standard WLS policy file. ALDSP supports three security policy types. Their URIs are: policy: Auth, policy: Encrypt, policy: Sign. These are abstract policy files provided by WebLogic Server that describe authentication, encryption, and digital signature policies. These policy files do not have to physically reside in DSP project repository. The policy element contains a required attribute Direction. This attribute represents at which direction the security policy will apply. The policy direction can be: REQUEST, RESPONSE, or REQUEST_RESPONSE.
Refer to the schema definition for detailed information on the structure of the map file (see the topic Web Services Map File Reference). Sample Map File<?xml version="1.0" encoding="UTF-8"?> <web:WebServicesMap targetNamespace="ld:myMapper.ws" soapVersion="SOAP_1.1" transportType="HTTP" ADODotNETEnabled="false" basicAuthRequired="false" xmlns:web="http://www.bea.com/dsp/management/configuration/webservices"> <web:policies> <web:policy locator="ld:mypolicy.xml"> <web:policy direction="REQUEST_RESPONSE"> </web:policies> <web:dataServices> <web:dataService locator="ld:CUSTOMER.ds"> <web:function name="deleteCUSTOMER" arity="1" operation="deleteCUSTOMER" returnInHeader="false"> <web:parameterMapping> <web:parameter name="p" wsdlMapping="SOAP_BODY"/> </web:parameterMapping> </web:function> <web:function name="updateCUSTOMER" arity="1" operation="updateCUSTOMER" returnInHeader="false"> <web:parameterMapping> <web:parameter name="p" wsdlMapping="SOAP_BODY"/> </web:parameterMapping> </web:function> </web:dataService> </web:dataServices> </web:WebServicesMap> Specifying Policies for a FunctionTo specify policies for a function in a map file:
|
Document generated by Confluence on Apr 28, 2008 15:54 |