Security Guide

Introduction

Document Audience

Related Information

Understanding AquaLogic Service Bus Security

Inbound Security

Outbound Security

Options for Identity Propagation

Example: Authentication with a User Name Token

Administrative Security

Access Control Policies

Configuring Proxy Service Access Control

Access Control Policy Management

Deleting a Proxy Service

Deleting the Access Control Policy Assigned to a Proxy Service

Moving or Renaming a Proxy Service

Renaming a Proxy Service Operation

Preserving Security Configuration During Import

Preserve Security and Policy Configuration Check Box

Preserve Credentials Check Box

Preserve Access Control Check Box

Configuring the WebLogic Security Framework: Main Steps

Context Properties Are Passed to Security Providers

Context Properties for HTTP Transport-Level Authentication

ContextHandler Properties for Access Control and Message-Level Custom Authentication

Additional Transport-Specific Context Properties

Administrator-Supplied Context Properties for Message-Level Authentication

Security Provider Must Have Knowledge of the Property Name

WebLogic Server Administrative Channel is Supported

Using the Administrative Channel: Main Steps

Supported Standards and Security Providers

Support for WebLogic Security Providers

Configuring Authentication Providers

Using a Custom Authorization Provider to Protect AquaLogic Service Bus Resources

WebLogic Authorization Provider Usage Information

ALSBProxyServiceResource Object

ALSBProxyServiceResource Examples

ProjectResourceV2 Object

ConsoleResource Object

AquaLogic Service Bus Security FAQ

Configuring Transport-Level Security

Configuring Transport-Level Security for HTTPS

HTTPS Authentication Levels

Configuring Inbound HTTPS Security: Main Steps

Configuring Outbound HTTPS Security: Main Steps

Configuring Transport-Level Security for HTTP

Configuring Inbound HTTP Security: Main Steps

Configuring Outbound HTTP Security: Main Steps

Configuring Transport-Level Security for JMS

Configuring Inbound JMS Transport-Level Security: Main Steps

Configuring Outbound JMS Transport-Level Security: Main Steps

Configuring Transport-Level Security for SFTP Transport

How Two-Way Authentication is Performed

Use of the known_hosts File

Creating the known_hosts File

SFTP Transport Authentication Process

Configuring Inbound SFTP Transport-Level Security: Main Steps

Configuring Outbound SFTP Transport-Level Security: Main Steps

SFTP Security Attributes Preserved During Import

SFTP Credential Lifecycle

Email, FTP, and File Transport-Level Security

Email and FTP Transport-Level Security

File Transport Security

Configuring Transport-Level Security for SB Transport

Configuring SAML Authentication With Service Bus (SB) Transport

Configuring Transport-Level Security for WS Transport

Reliable Web Services Messaging Defined

WS Transport Resources Visible in WLS Console

Use of WS-Policy Files for Web Service Reliable Messaging Configuration

Preconfigured WS-RM Policy Files

RM WS-Policy Required Prior to Activation

Async Responses

Proxy Service Authentication

Preserving Security Configuration on Import

Configuring Inbound and Outbound WS Transport-Level Security

Configuring Transport-Level Security for WebSphere Message Queue Transport

Configuring Inbound MQ Transport-Level Security: Main Steps

Configuring Outbound MQ Transport-Level Security: Main Steps

Transport-Level Security Elements in the Message Context

Configuring Custom Authentication

What Are Custom Authentication Tokens?

Custom Authentication Token Use and Deployment

Understanding Transport-Level Custom Authentication

Importing and Exporting and Transport-Level Custom Token Authentication

Understanding Message-Level Custom Authentication

Format of XPath Expressions

Configuring Identity Assertion Providers for Custom Tokens

Object Type of Custom Tokens

Configuring a Custom Token Type in an Identity Assertion Provider

Steps for Configuring a Custom Token Type in an Identity Assertion Provider

Setting the Supported and Active Types in the MBean

Configuring Custom Authentication Transport-Level Security

Steps for Configuring Custom Authentication Transport-Level Security

Configuring Custom Authentication Message-Level Security

Steps for Configuring Custom Authentication Message-Level Security

Propagating the Identity Obtained From Custom Authentication Tokens

Combining WS-Security with Custom Username/Password and Tokens

Using WS-Policy in ALSB Proxy and Business Services

About Web Services Policy

Relationship Between WS-Security and WS-Policy

Supported Web Services Security Policy Assertions

WS-Policies Can be Bound Directly to Service

Abstract and Concrete WS-Policy Statements

AquaLogic Service Bus WS-Policy Files

Predefined WS-Security Policy 1.2 Policy Files

Predefined BEA Proprietary Policy Files

Predefined Reliable Messaging Policy Files

When to use the Predefined Policy Files

Creating and Using Custom WS-Policy Statements

Custom WS-SecurityPolicy 1.2 Policy Statements

Attaching WS-Policy Statements to WSDL Documents

Determining the URI of a WS-Policy Statement

Specifying the URI of a WS-Policy Statement in a WSDL Document

Best Practices: Attaching WS-Policy Statements

Example: Requiring X.509 Credentials for Identity and Confidentiality

Example: Attaching Custom Inline WS-Policy Statements to a WSDL Document

BEA-Proprietary Security Policy Best Practices

Policy Subjects and Effective Policy

Configuring Message-Level Security for Web Services

About Message-Level Security

Sample Sequence of Actions in Message-Level Security

Message-Level Access Control Policies for Proxy Services

Configuring Proxy Service Message-Level Security

Creating an Active Intermediary Proxy Service: Main Steps

Creating a Pass-Through Proxy Service: Main Steps

Configuring Business Service Message-Level Security: Main Steps

Examples of Custom WS-Policy Statements

Example: Encrypting Part of the SOAP Body and Header

Example: Encryption Policy for a Business Service

Example: Encrypting a Custom SOAP Header

Example: Signing the Message Body and Headers

Example: Signing a SOAP Body with SAML Holder-of-Key

Example: Authenticating, Signing, and Encrypting a SOAP Body and Headers with SAML Sender Vouches

Disabling Business Service Message-Level Security

Using SAML for Authentication

Configuring SAML Credential Mapping: Main Steps

Configuring SAML Pass-Through Identity Propagation

Authenticating SAML Tokens in Proxy Service Requests

Configuring SAML Authentication with Service Bus (SB) Transport

Troubleshooting SAML Web Services Security

Configuring Administrative Security

Administrative Security Roles and Privileges

Role-Based Access in AquaLogic Service Bus Console

Administrative Security Groups

Configuring Administrative Security: Main Steps

Securing AquaLogic Service Bus in a Production Environment

Undeploying the Service Bus (SB) Resource

Protection of Temporary Files With Streaming body Content

