This document provides an overview of the Web Services Security Service Module and the related standards and features it supports.
Documentation Audience
It is assumed that the reader understands Web Services technologies and has a general understanding of the Microsoft Windows or UNIX operating systems being used. This document is intended for the following audiences:
Web Services Developers—Developers who are programmers who focus on developing Web services applications and who work with other engineering, quality assurance (QA), and database teams to implement security features. Web services developers have in-depth working knowledge of Web Services programming.
Application Developers—Developers who focus on designing applications and work with other engineers, quality assurance (QA) technicians, and database teams to implement applications.
Security Administrators—Administrators who are responsible for installing and configuring the AquaLogic Enterprise Security products and designing policy. Security administrators work with other administrators to implement and maintain security configurations, authentication and authorization schemes, and to set up and maintain access to deployed application resources. Security administrators have a general knowledge of security concepts and the AquaLogic Enterprise Security architecture.
Prerequisites for this Document
Prior to reading this guide, you should read the Introduction to BEA AquaLogic Enterprise Security. This document describes how the product works and provides conceptual information that is helpful to understanding the necessary installation components.
Additionally, BEA AquaLogic Enterprise Security includes many unique terms and concepts that you need to understand. These terms and concepts—which you will encounter throughout the documentation—are defined in the Glossary.
Optimizing Web Services Performance with Caches, describes how to use the Web Services Client Authorization Cache to allow an application using the Web Services SSM to take advantage of in-process caching to achieve performance improvements when making authorization calls.
Using Failover with a Web Services Client, describes how to develop a Web Services client that uses failover to connect to alternate Web Services SSM if the primary SSM is unreachable.
Web Services Interfaces, describes the Web Services interfaces and the methods that each interface supports.
Related Information
The BEA corporate web site provides all documentation for BEA AquaLogic Enterprise Security. Other BEA AquaLogic Enterprise Security documents that may be of interest to the reader include:
WSDL Documentation for the Web Service Interfaces—This document provides reference documentation for the Web Services Interfaces that are provided with and supported by this release of BEA AquaLogic Enterprise Security.
Policy Managers Guide—This document how to write access control policies for BEA AquaLogic Enterprise Security, and describes how to import and export policy data.
Installing Security Services Modules—This document describes how to install ALES Security Services Modules, including the Web Services Security Service Module.
Developing Security Providers —This document provides security vendors and security and application developers with the information needed to develop custom security providers.
Javadocs for Security Service Provider Interfaces—This document provides reference documentation for the Security Service Provider Interfaces that are provided with and supported by this release of BEA AquaLogic Enterprise Security.
Programming Security for Java Applications—The document describes how to implement security in Java applications. It include descriptions of the Security Service Application Programming Interfaces and programming instructions for implementing security in Java applications.
Javadocs for Java API—This document provides reference documentation for the Java Application Programming Interfaces that are provided with and supported by this release of BEA AquaLogic Enterprise Security.
