Index
A B C D E F G H I J K L M N O P R S T U V W X
Symbols
- <add-timestamp> element, 2.1.5.5, 3.7.1, 3.7.2, 3.7.7.1
- <attribute> element, 2.1.5.3
- <auth-password> element, 2.1.5.4, A.2.16
- <auth-user-name> element, 2.1.5.4, A.2.16
- <call-property> element, 4.5.5.4.1, 4.5.5.4.1
- <confirmation-method> element, 2.1.4.3, 3.5.1.1, 3.5.2.2.6
- <control-flag> element, 3.5.3.1, 3.5.3.2
- <decrypt> element, 2.1.4.5, 3.6.2, 3.6.8, 4.1.1, 4.1.2, A.2.4
- <DigestValue> element, 1.1.5
- <ejb-transport-login-config> element, 4.5.4, 4.5.4
- <ejb-transport-security-constraint> element, 4.5.4
- <encrypt> element, 2.1.5.6, 3.6.1, 4.1.1, 4.1.2, A.2.5
- <encryption> element, 2.1.5
- <encryption-key> element, 2.1.2, 3.1.2.2, 3.6, A.2.6, A.2.20
- <encryption-method> element, 2.1.5.6, 3.6.1, 3.6.2
- <encryption-methods> element, 2.1.4.5
- <endpoint-address> element, 2.1.5.4, A.2.16
- <endpoint-address-uri> element, 4.5.4
- <Envelope> element, 1.1.1
- <generated_name>_Stub.xml client deployment descriptor, 1.1.2.1, 2, 2, 2, 2.1.4, 2.1.5, 3.1.2.2, 3.3.2, 3.3.2.4.2, 3.4.2, 3.4.2.3, 3.4.2.5.2, 3.5.2, 3.5.2, 3.5.2.2, 3.7.4, 4.1.1, 4.1.1, 4.1.2, 4.1.2, 4.3, A, A.2.9, A.2.14
- <inbound> element, 2, 3.3.1.1, 3.4.1.1, 3.5.1.1, 3.7.2
- <KeyInfo> element, 1.1.5
- <key-store> element, 2.1.1, 3.1.2.2, A.2.10
- <keytransport-method> element, 2.1.5.6, 3.6.1, 3.6.2
- <keytransport-methods> element, 2.1.4.5
- <login-module> element, 3.3.3.1, 3.4.3.1, 3.5.3.1
- <name> element, 4.5.5.4.1
- <name-identifier> element, 2.1.5.3, A.2.17
- <nonce-config> element, 2.1.3, A.2.13
- <outbound> element, 2, 3.6.1, 3.7.1, 4.5.5.3.2, 4.5.5.4.2
- <property> element, 3.4.2.3, 3.7.6
- <recipient-key> element, 2.1.5.6, 3.6.1
- <Reference> element, 1.1.5
- <require-signature> element, 2.1.5.4, 3.5.2.6, A.2.16
- <saml-authority> element, 2.1.5.3, 2.1.5.4, 3.5.2.6, A.2.16
- <saml-token> element, 2.1.5, 2.1.5.3, 3.5.2.2.1, 3.5.2.2.5, 3.5.2.6, 4.1.1, 4.1.2, A.2.17
- <saml-token> element, configuring, 3.5.2.1
- <security> element, 2.1.4, 3.1.2.2, 4.2.1, 4.3.1, A.2.9
- <service-ref-mapping> element, 4.5.5.4.1
- <signature> element, 2.1.5, 2.1.5.5, 3.5.2.2.5, 3.7.1, 4.1.1, 4.1.2
- <signature-key> element, 2.1.2, 3.1.2.2, 3.7, A.2.6, A.2.20
- <SignatureMethod>, 1.1.5
- <signature-method> element, 3.5.2.2.5, 3.7.1, 3.7.2
- <signature-methods> element, 2.1.4.4, 2.1.5.5
- <SignatureValue> element, 1.1.5
- <SignedInfo> element, 1.1.5
- <subject-confirmation-method> element, 2.1.4.3, 2.1.5.3, 3.5.1.1, 3.5.1.1
- <tbe-element> element, 3.6.3, 3.6.5
- <tbe-elements> element, 2.1.4.5, 2.1.5.6, 3.6.1, 3.6.2
- <tbs-element> element, 3.7.5
- <tbs-elements> element, 2.1.4.4, 2.1.5.5, 3.7.1, 3.7.2
- <use-request-cert> element, 2.1.5.6, 3.6.1
- <username-token> element, 2, 2.1.5, 2.1.5.1, 3.3.2.3, 4.3.1, 4.5.5.3.2, 4.5.5.4.2, A.2.30
- <username-token> element, configuring, 3.3.2.1
- <value> element, 4.5.5.4.1
- <verify-saml-token> element, 2.1.4, 2.1.4, 2.1.4.3, 2.1.4.3, 4.1.1, 4.1.2, A.2.31
- <verify-saml-token> element, configuring, 3.5.1.1
- <verify-signature> element, 2.1.4.4, 3.7.2, 3.7.7, 4.1.1, 4.1.2, A.2.32
- <verify-timestamp> element, 2.1.4.4, 3.7.1, 3.7.2, 3.7.7.2
- <verify-username-token> element, 2, 2.1.4, 2.1.4, 2.1.4.1, 4.2.1, 4.2.2, A.2.34
- <verify-username-token> element, configuring, 3.3.1.1
- <verify-x509-token> element, 2.1.4, 2.1.4, 2.1.4.2, 4.1.1, 4.1.2, A.2.35
- <verify-x509-token> element, configuring, 3.4.1.1
- <x509-token> element, 2.1.5, 2.1.5.2, 3.4.2.1, 4.1.1, 4.1.2, A.2.36
A
- AccessControlContext class, to access user credentials, 4.7.1
- AccessController class, to access user credentials, 4.7.1
- accessing services secured with HTTP authentication, 4.5.5.3.1, 4.5.5.4.1
- accessing services secured with WS-Security username token authentication, 4.5.5.3.2, 4.5.5.4.2
- add-created attribute, 2.1.5.1, 3.3.2.1, A.2.30
- add-nonce attribute, 2.1.5.1, 3.3.2.1, A.2.30
- alias attribute, 2.1.2, 2.1.2, 2.1.5.6, A.2.15
- Ant tasks, for the WebServicesAssembler tool, 4.6
- Apache software
-
- license, C.1.1
- Application Server Control
-
- support for Oracle Application Server Web Service Security, 1.3.1
- architecture, Oracle Application Server Web Services Security, 1.2.3
- assemble command (WebServicesAssembler tool), 4.1.2
- assembling a secure Web service, 4
-
- bottom up, 4.1.2
- top down, 4.1.1
- assertion issuer, 3.5.1.4
- assertion subject
-
- configuring a name, 3.5.2.2.1
- configuring a name format, 3.5.2.2.1
- mapping to name identifiers, 3.5.1.3
- attributes statements, for SAML, 3.5.2.2.3
- attributes.properties file, 3.5.2.2.3
- authentication, 1.1
-
- creating user information, 4.3.3
- elements, 2.1.4
- authentication errors
-
- troubleshooting, 6.5
- authentication information
-
- passing in a deployment descriptor, 4.5.5.4.1
- authentication information, passing programmatically, 4.5.5.3
- authentication information, passing statically, 4.5.5.4
- authentication statements, for SAML, 3.5.2.2.3
B
- basic authentication, transport level, 4.5.1
- basic authentication, use case, 5.2.2.1
- basic Web service, use case, 5.1.1
- bottom up Web service assembly, 4.1.2
C
- cache-ttl attribute, 2.1.3
- Call interface, 4.5.5.1
- callback handler
-
- for the SAML token, 3.5.2.5
- for the username token, 3.3.2.2
- cbhandler-name attribute, 2.1.5.1, 2.1.5.3, 3.3.2.2, 3.5.2.2.7, A.2.17, A.2.30
- Certificate Authority (CA), 3.1.1.1
- certificates
-
- loading with Java Keystore, 3.1.1.2.1
- obtaining from a Certificate Authority, 3.1.1.1
- self-signed, 3.1.1.3.1
- user, 3.1.1.3.2
- client certification authentication, transport level, 4.5.3
- client code, generating, 4.1.1
- client interceptor, 1.2.2, 1.2.2.2
- client JAR files, for security, 4.4
- client-side security configuration files, 4.3
- clock skew, adjusting, 3.7.8
- clock-skew attribute, 2.1.3, 4.2.4
- clock-skew property, 3.7.2, 3.7.7, 3.7.8
- CN (common-name), 3.4.1.3
- common name (CN), 3.4.1.3
- complex business processes, use case, 5.1.2
- configuration file for security
-
- creating for the client-side, 4.3, 4.3.1, 4.3.2
- creating for the server-side, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4
- confirmation methods
-
- configuring, 3.5.2.2.4
- holder-of-key, 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
- holder-of-key, configuring, 3.5.2.2.7
- sender-vouches (signed), 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
- sender-vouches (signed), configuring, 3.5.2.2.5
- sender-vouches (unsigned), 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
-
- configuring, 3.5.2.2.6
- CoreIDLoginModule
-
- for Oracle Access Manager security provider, 3.3.3.1, 3.4.3.1, 3.5.3.1
- coreid.name.attribute property, 3.3.3.1, 3.4.3.1, 3.5.3.1
- coreid.password.attribute property, 3.3.3.1
- created attribute, 2.1.4.4, 2.1.5.5, 3.7.7.1, A.2.1, A.2.33
D
- ddFileName argument (WebServicesAssembler tool), 3.3.1.4.3, 3.3.2.4.2, 3.4.1.4.3, 3.4.2.5.2, 4.1.1, 4.1.1, 4.1.2, 4.1.2
- decryption
-
- decrypting elements of a SOAP message, 3.6.6
- decryption elements, 2.1.4.5, A.2.4
- deployment descriptor
-
- <generated_name>_Stub.xml (client), 2, 2.1.4, 2.1.5, 4.1.1, 4.1.1, 4.1.2, 4.1.2, 4.3, A, A.2.9, A.2.14
- oracle-webservices.xml, 2, 2.1.4, 2.1.5, 4.1.1, 4.1.1, 4.1.2, A, A.2.9, A.2.14
- webservices.xml, 4.1.1
- web.xml, 4.1.1
- deployment descriptors
-
- passing authentication information, 4.5.5.4.1
- deployment, testing, 4.1.1, 4.1.2
- digest authentication, transport level, 4.5.2
- digest authentication, use case, 5.2.2.2
- digest password, for a nonce configuration, 3.3.1.3
- distinguished name (DN), 3.4.1.3
- DN (distinguished name), 3.4.1.3
E
- ear/META-INF directory, 4.1.1, 4.1.2
- EJBs
-
- adding transport level security, 4.5.4
- encryption
-
- algorithms, 2.1.4.5
- configuring, 3.6
- configuring for inbound messages, 3.6.2
- configuring for outbound messages, 3.6.1
- decrypting elements of a SOAP message, 3.6.6
- defined, 1.1.6
- elements, 2.1.5.6, A.2.5
- encrypting a SOAP message body, 3.6.3
- encrypting elements of a SOAP message, 3.6.5
- encryption key element, 2.1.2, A.2.6, A.2.20
- expiry attribute, 2.1.4.4, 2.1.5.5, 3.7.7.1, 4.2.4, A.2.1, A.2.33
F
- federated Web services, use case, 5.1.4
G
- gateways
-
- use cases, 5.6
- general errors
-
- troubleshooting, 6.1
- genInterface command (WebServicesAssembler tool), 4.1.1
- genProxy command (WebServicesAssembler tool), 3.3.2.4.2, 3.4.2.5.2, 4.1.1, 4.1.2
- genProxy, WebServicesAssembler command, 4.5.5.3.2, 4.5.5.4.2
- global-level policy, 1.1.2.3
H
- Holder-Of-Key attribute, 2.1.4.3, 2.1.5.3, A.2.3
- holder-of-key confirmation method, 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
-
- configuring, 3.5.2.2.7
- HTTP authentication, 4.5.5.3.1, 4.5.5.4.1
- HTTP authentication, accessing services, 4.5.5.3.1, 4.5.5.4.1
- HTTP security, use case, 5.2
I
- identity management
-
- use cases, 5.7
- identity propagation
-
- of SAML assertion subjects, 3.5.2.4
- using the oracle.security.wss.propagate.identity property, 3.5.2.4
- inbound policy, 1.1.2.1
- interceptors
-
- client, 1.2.2, 1.2.2.2
- data flow, 1.2.2.2
- framework, 1.2.2
- integration with OC4J security framework, 1.2.4
- service, 1.2.2, 1.2.2.1
- interoperability
-
- use cases, 5.8
- issuer name, configuring, 3.5.2.2.2
- issuer.keystorepassword.N, SAMLLoginModule option, 3.5.1.4
- issuer.keystorepath.N, SAMLLoginModule option, 3.5.1.4
- issuer.keystoretype.N, SAMLLoginModule option, 3.5.1.4
- issuer-name attribute, 2.1.5.3, 3.5.2.2.2, A.2.17
- issuer.name.N, SAMLLoginModule option, 3.5.1.4
- issuer.trustpointalias.N, SAMLLoginModule option, 3.5.1.4
J
- J2EE client
-
- accessing services secured on the transport level, 4.5.5
- J2SE client
-
- accessing services secured on the transport level, 4.5.5
- JAAS, 1.2.4.1
- JAR files, for security, 4.4
- Java Keystore (JKS), 3.4.1.2, 3.4.2.2, 3.5.1.2, 3.5.2.7, 3.6
-
- certreq command, 3.1.1.2.1
- creating, 3.1.1.2
- creating private keys, 3.1.1.2.1
- genKey command, 3.1.1.2.1
- import command, 3.1.1.2.1, 3.1.1.2.1
- keytool utility, 3.1.1.2.1
- list command, 3.1.1.2.1
- loading certificates, 3.1.1.2.1
- using, 3.1.1.2
- javacache.xml file, 3.3.1.3
- java.security.AccessControlContext, 4.7.1
- java.security.AccessController, 4.7.1
- javax.security.auth.Namecallback, 2.1.5.1, 3.3.2.2
- javax.security.auth.Passwordcallback, 2.1.5.1, 3.3.2.2
- javax.security.auth.Subject, 4.7.1
- javax.xml.rpc.Call, 4.5.5.1
- javax.xml.rpc.Call.PASSWORD_PROPERTY, 4.5.5.1
- javax.xml.rpc.Call.USERNAME_PROPERTY, 4.5.5.1
- javax.xml.rpc.security.auth.password, 4.5.5.1
- javax.xml.rpc.security.auth.username, 4.5.5.1
- javax.xml.rpc.security.auth.username property, 4.5.5.4.1
- javax.xml.rpc.server.ServiceLifecycle, 4.7.2
- javax.xml.rpc.server.ServletEndpointContext, 4.7.2
- javax.xml.rpc.Stub, 3.5.2.3, 4.5.5.1
- javax.xml.rpc.Stub.PASSWORD_PROPERTY, 4.5.5.1
- javax.xml.rpc.Stub.USERNAME_PROPERTY, 4.5.5.1
- jazn-data.xml file, 3.4.1.3
- jazn.xml file, 3.4.1.3, 3.5.1.3
- JDeveloper
-
- support for Oracle Application Server Web Service Security, 1.3.2
K
- key transport algorithms, 2.1.4.5
- key-pass attribute, 2.1.2, 2.1.2, 2.1.5.6, A.2.15
- keys
-
- application keys, creating, 3.1.2.2
- instance keys, creating, 3.1.2.1
- keys, using multiple keys to decrypt messages, decryption
-
- using multiple keys, 3.6.8
- keystore
-
- application keystores, creating, 3.1.2.2
- configuring for an X.509 token, 3.4.1.2
- configuring for SAML token, 3.5.1.2
- configuring for SAMl token, 3.5.2.7
- configuring for X.509 token, 3.4.2.2
- creating, 3.1.1
- defined, 1.1.11.4
- instance keystores, creating, 3.1.2.1
- keystore-related errors
-
- troubleshooting, 6.2
- keytool utility, 3.1.1.2.1
L
- LDAP provider, SAML token authentication, 3.5.3.2
- LDAP repository, 3.4.1.3
- LDAPLoginModule, 3.5.3.2
- local-part attribute, 2.1.4.4, 2.1.4.5, 2.1.5.5, 2.1.5.6, 3.6.3, 3.6.5, 3.6.6, 3.7.4, 3.7.5, A.2.25, A.2.25, A.2.27, A.2.27
M
- mapping-attribute attribute, 3.4.1.3, 3.4.1.3, 3.5.1.3
-
- default values, 3.4.1.3
- message confidentiality errors
-
- troubleshooting, 6.4
- message integrity errors
-
- troubleshooting, 6.3
- message-level security, 1.1.8
- mode attribute, 2.1.4.5, 2.1.5.6, 3.6.5, 3.6.6, A.2.25, A.2.25
N
- name attribute, 2.1.5.1, 2.1.5.3, 3.3.2.1, 3.5.2.2.1, A.2.17, A.2.30
- name identifier formats, for SAML tokens, 3.5.1.3
- Namecallback, 2.1.5.1, 3.3.2.2
- name-format attribute, 2.1.5.3, 3.5.2.2.1, A.2.17
- name-space attribute, 2.1.4.4, 2.1.4.5, 2.1.5.5, 2.1.5.6, 3.6.5, 3.6.6, 3.7.4, 3.7.5, A.2.25, A.2.25, A.2.27, A.2.27
- nonce
-
- configuration, 2.1.3, A.2.13
- digest password configuration, 3.3.1.3
- username token configuration, 3.3.1.1
- non-secured Web services, use cases, 5.1
O
- operation-level policy, 1.1.2.5
- Oracle Access Manager
-
- CoreIDLoginModule, 3.3.3.1, 3.4.3.1, 3.5.3.1
- security provider, 1.2.4.5
- security provider for SAML token, 3.5.3.1
- security provider for username token, 3.3.3.1
- security provider for X.509 token, 3.4.3.1
- Oracle Application Server Web Services Security
-
- Application Server Control support, 1.3.1
- architecture, 1.2.3
- JDeveloper support, 1.3.2
- supported standards, 1.2.1
- tool support, 1.3
- Oracle HTTP Server
-
- third party licenses, C
- Oracle Identity Management (OID), 1.2.4.3
- Oracle Wallet, 3.4.1.2, 3.4.2.2, 3.5.1.2, 3.5.2.7, 3.6
-
- add command, 3.1.1.3.1, 3.1.1.3.2, 3.1.1.3.2
- cert create command, 3.1.1.3.2
- create command, 3.1.1.3.1
- creating, 3.1.1.3
- creating self-signed certificates, 3.1.1.3.1
- creating user certificates, 3.1.1.3.2
- defined, 1.1.11.4
- display command, 3.1.1.3.1, 3.1.1.3.2, 3.1.1.3.2
- export command, 3.1.1.3.1, 3.1.1.3.2, 3.1.1.3.2
- orapki utility, 3.1.1.3
- using, 3.1.1.3
- Oracle Web Services Manager (OWSM), 1.3.3
-
- access control, 1.3.3
- policy management, 1.3.3
- single sign-on, 1.3.3
- oracle.security.wss.propagate.identity property, 3.5.2.4, 3.5.3.3
- oracle.security.wss.signwithski property, 3.4.2.3, 3.7.6
- oracle-webservcies.xml deployment descriptor, 1.1.2.1
- oracle-webservices-client-10_0.xsd, 4.5.5.3.2
- oracle-webservices-clients.xsd, 4.5.5.4.2
- oracle-webservices-security-10_0.xsd listing, A.3
- oracle-webservices.xml deployment descriptor, 2, 2, 2, 2, 2.1, 2.1.4, 2.1.5, 3.1.2.2, 3.3.1, 3.3.1.4.3, 3.4.1, 3.4.1.4.3, 3.7.4, 4.1.1, 4.1.1, 4.1.2, 4.2, A, A.2.9, A.2.14
- oracle-werbservices.xml deployment descriptor, 4.5.4
- orapki utility, 3.1.1.3
- orion-ejb-jar.xml deployment descriptor, 4.5.4
- orion-web.xml deployment descriptor, 4.5.4
- outbound elements, 2.1.5
- outbound policy, 1.1.2.2
- output argument (WebServicesAssembler), 4.1.2
P
- password attribute, 2.1.5.1, 3.3.2.1, A.2.30
- password indirection, configuring, 3.1.3
- Passwordcallback, 2.1.5.1, 3.3.2.2
- password-type attribute, 2.1.4.1, 2.1.5.1, 3.3.1.1, A.2.30
- path attribute, 2.1.1
- policies
-
- defined, 1.1.2
- global-level, 1.1.2.3
- inbound policy, 1.1.2.1
- operation-level, 1.1.2.5
- outbound policy, 1.1.2.2
- port-level, 1.1.2.4
- policy management, with Oracle Web Services Manager, 1.3.3
- port-level policy, 1.1.2.4
- private keys, creating with Java Keystore, 3.1.1.2.1
R
- replay attacks, preventing, 3.7.7
- request envelope, defined, 1.1.3
- require-created attribute, 2.1.4.1, 3.3.1.1
- require-nonce attribute, 2.1.4.1, 3.3.1.1
- response envelope, defined, 1.1.4
S
- SAML authority (third party), retrieving a SAML token, 3.5.2.6
- SAML elements, 2.1.4.3
- SAML token
-
- assertion issuer, 3.5.1.4
- assertion subject
-
- configuring by identity propagation, 3.5.2.4
- configuring with Stub properties, 3.5.2.3
- attributes statements, 3.5.2.2.3
- attributes.properties file, 3.5.2.2.3
- authenticating with a third party LDAP provider, 3.5.3.2
- authentication, 3.5.1.4
- authentication statements, 3.5.2.2.3
- client configuration, 3.5.2
- configuring assertion subject name and format, 3.5.2.2.1
- dynamic client configuration, 3.5.2.4
- integrating with security providers, 3.5.3
- issuer name, configuring, 3.5.2.2.2
- keystore configuration, 3.5.1.2, 3.5.2.7
- mapping the assertion subject, 3.5.1.3
- name identifier formats, 3.5.1.3
- Oracle Access Managersecurity provider, 3.5.3.1
- oracle.security.wss.propagate.identity property, 3.5.3.3
- retrieving from a third-party SAML authority, 3.5.2.6
- server configuration, 3.5.1
- setting SAMLLoginModule options, 3.5.1.4
- static and dynamic configurations, combining, 3.5.2.8
- static client configuration, 3.5.2.2
- Stub properties, 3.5.2.3
- writing a callback handler, 3.5.2.5
- SAML token elements, 2.1.5.3, A.2.17
-
- for retrieving SAML tokens, 2.1.5.4, A.2.16
- SAML token profile, use case, 5.3.1.3
- SAML tokens, 1.1.11.3
-
- source URL, 1.2.1
- SAML, configuring Single Sign-On, 3.5.3.3
- SAML, defined, 1.1.7
- SAMLLoginModule, 3.5.1, 3.5.1.2, 3.5.1.3, 3.5.1.4, 3.5.3.2
- SAMLLoginModule options
-
- issuer.keystorepassword.N, 3.5.1.4
- issuer.keystorepath.N, 3.5.1.4
- issuer.keystoretype.N, 3.5.1.4
- issuer.name.N, 3.5.1.4
- issuer.trustpointalias.N, 3.5.1.4
- SAMLP, 2.1.5.4, 3.5.2, A.2.16
- SAMLTokenCallback call back handler, 2.1.5.3, A.2.17
- secure client code, generating, 4.1.1
- secure sockets layer, use case, 5.2.1
- secure Web service
-
- assembling, 4
- assembling bottom up, 4.1.2
- assembling top down (from a WSDL), 4.1.1
- security
-
- administration, 3
- client JAR files, 4.4
- message-level, 1.1.8
- threats and solutions, B
- transport-level, 1.1.9
- security elements, described, 2.1
- security framework
-
- integration with interceptors, 1.2.4
- security providers
-
- integrating with SAML tokens, 3.5.3
- integrating with security tokens, 3.2
- integrating with username tokens, 3.3.3
- integrating with X.509 tokens, 3.4.3
- security schema, listing, A.3
- security tokens
-
- integrating with security providers, 3.2
- self-signed certificates, 3.1.1.3.1
- sender-vouches (signed) confirmation method, 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
-
- configuring, 3.5.2.2.5
- sender-vouches (unsigned) confirmation method, 3.5.1, 3.5.1.2, 3.5.2, 3.5.2.7
- sender-vouches (unsigned) confirmation method, configuring, 3.5.2.2.6
- Sender-Vouches attribute, 2.1.4.3, 2.1.5.3, A.2.3
- Sender-Vouches-Unsigned attribute, 2.1.4.3, 2.1.5.3, A.2.3
- server
-
- accessing user credentials, 4.7
- server-side security configuration files, 4.2
- service endpoint interface, 4.1.1
- service interceptor, 1.2.2, 1.2.2.1
- ServiceLifeCycle interface, to access user credentials, 4.7.2
- ServletEndpointContext interface, to access user credentials, 4.7.2
- signature
-
- algorithms, 2.1.5.5
- computing, 1.1.5
- configuring, 3.7
- configuring for inbound messages, 3.7.2
- configuring for outbound messages, 3.7.1
- defined, 1.1.5
- elements, 2.1.5.5
- signing a SOAP message body, 3.7.3
- signing a SOAP message element, 3.7.4
- signwithski property, 3.4.2.3, 3.7.6
- using a subject key identifier, 3.7.6
- verifying signature for SOAP message elements, 3.7.5
- signature key element, 2.1.2, A.2.6, A.2.20
- signature verification elements, 2.1.4.4, A.2.32
- signwithski property, 3.4.2.3, 3.7.6
- Single Sign-On, configuring with SAML, 3.5.3.3
- single sign-on, with Oracle Web Services Manager, 1.3.3
- SOAP message body
-
- encrypting, 3.6.3
- signing, 3.7.3
- SOAP message elements
-
- decrypting, 3.6.6
- encrypting, 3.6.5
- signing, 3.7.4
- verifying signature, 3.7.5
- SOAP, defined, 1.1.1
- source URL
-
- SAML tokens, 1.2.1, 1.2.1
- username tokens, 1.2.1
- Web Service Interoperability, 1.2.1
- XML Digital Signature, 1.2.1
- XML encryption, 1.2.1
- standards
-
- supported by Oracle Application Server Web Services Security, 1.2.1
- store-pass attribute, 2.1.1
- Stub interface, 3.5.2.3, 4.5.5.1
- Stub properties, for the username token, 3.3.2.3
- Stub.PASSWORD_PROPERTY, 2.1.5.1, 3.3.2.3, 4.5.5.2
- Stub.USERNAME_PROPERTY, 2.1.5.1, 3.3.2.3, 3.5.2.3, 4.5.5.2
- Subject class, to access user credentials, 4.7.1
- subject key identifier
-
- authenticating an X.509 token, 3.4.2.3
- signing, 3.7.6
- system-jazn-data.xml file, 3.1.3, 3.3.3.1, 3.5.3.2, 4.3.3
T
- testing deployment, 4.1.1, 4.1.2
- third party licenses, C
- timestamps, in replay attack prevention, 3.7.7
- token-based authentication
-
- use case, 5.3.1
- tokens
-
- SAML, 1.1.11.3
- username, 1.1.11.1
- X.509, 1.1.11.2
- tool support
-
- username token, 3.3.2.4
- X.509 token, 3.4.1.4, 3.4.2.5
- top down Web service assembly, 4.1.1
- topDownAssemble command (WebServicesAssembler tool), 4.1.1
- transport level security, 1.1.9
-
- accessing Web services, 4.5.5
- basic authentication, 4.5.1
- client certification authentication, 4.5.3
- digest authentication, 4.5.2
- transport level security, for EJBs, 4.5.4
- troubleshooting
-
- authentication errors, 6.5
- general errors, 6.1
- keystore-related errors, 6.2
- message confidentiality errors, 6.4
- message integrity errors, 6.3
- type attribute, 2.1.1
U
- use cases
-
- basic authentication, 5.2.2.1
- basic Web service, 5.1.1
- complex business processes, 5.1.2
- digest authentication, 5.2.2.2
- federated Web services, 5.1.4
- gateways, 5.6
- HTTP security, 5.2
- identity management, 5.7
- interoperability, 5.8
- non-secured Web services, 5.1
- Oracle Web Services Manager (OWSM), 1.3.3
- SAML token profile, 5.3.1.3
- secure sockets layer, 5.2.1
- token-based authentication, 5.3.1
- username token profile, 5.3.1.1
- Web service intermediaries, 5.1.3
- WS-Security, 5.3
- X.509 token profile, 5.3.1.2
- XML encryption, 5.5
- XML signature, 5.4
- user certificates, 3.1.1.3.2
- user credentials
-
- accessing on the server side, 4.7
- username property, 4.5.5.4.1
- username token, 1.1.11.1
-
- client configuration, 3.3.2
- configuration for the client-side, port level, 4.3.1
- configuration for the server-side, operation level, 4.2.2
- configuration for the server-side, port level, 4.2.1
- configuring nonce cache, 3.3.1.3
- elements, 2.1.5.1, A.2.30
- integrating with security providers, 3.3.3
- nonce details, 3.3.1.1
- Oracle Access Manager security provider, 3.3.3.1
- passing the user name and password, 3.3.2.3
- password details, 3.3.1.1
- server configuration, 3.3.1
- server-side configuration file, 4.2.1
- source URL, 1.2.1
- Stub properties, 3.3.2.3
- tool support, 3.3.2.4
- writing a callback handler, 3.3.2.2
- username token authentication, accessing services, 4.5.5.3.2, 4.5.5.4.2
- username token profile, use case, 5.3.1.1
V
- value attribute, 3.4.2.3, 3.7.6
W
- Web Service Home Page, 4.1.2
- Web service intermediaries, use case, 5.1.3
- Web Service Interoperability
-
- source URL, 1.2.1
- Web Service Test Page, 4.1.1
- WebServicesAssembler tool
-
- described, 4.6
- support for username token, 3.3.2.4.2
- support for X.509 token, 3.4.1.4.3, 3.4.2.5.2
- webservices.xml JAX-RPC deployment descriptor, 4.1.1
- web.xml Web deployment descriptor, 4.1.1
- wsmgmt.xml configuration file, 2, 2, 2
- WS-Security username token authentication, 4.5.5.3.2, 4.5.5.4.2
- WS-Security, defined, 1.1.10
- WS-Security, use case, 5.3
X
- X.509 certificate
-
- mapping to users, 3.4.1.3
- X.509 token, 1.1.11.2
-
- authenticating, 3.4.2.3
- client configuration, 3.4.2
- elements, 2.1.5.2, A.2.36
- integrating with security providers, 3.4.3
- keystore configuration, 3.4.2.2
- Oracle Access Manager security provider, 3.4.3.1
- server configuration, 3.4.1
- source URL, 1.2.1
- tool support, 3.4.1.4, 3.4.2.5
- X.509 token profile, use case, 5.3.1.2
- XML Digital Signature, source URL, 1.2.1
- XML encryption
-
- use cases, 5.5
- XML encryption, source URL, 1.2.1
- XML repository, 3.4.1.3
- XML signature
-
- use cases, 5.4
- XML signature and encryption
-
- client-side
-
- configuration file, 4.3.2
- port level, 4.3.2
- server-side
-
- configuration file, 4.2.3, 4.2.4
- operation level, 4.2.4
- port level, 4.2.3