Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New in This Guide
New and Changed Features for Release 12c (12.1.3)
New and Changed Features for Release 12c (12.1.2)
Other Significant Changes in this Book for Release 12c (12.1.2)
1 Introducing Oracle Web Services Manager
1.1 OWSM Overview
1.2 OWSM Features
1.3 OWSM Architecture
2 Understanding the OWSM Policy Framework
2.1 Overview of OWSM Policy Framework
2.1.1 OWSM Policy Framework Components
2.1.2 OWSM Agent and Policy Manager Interaction
2.1.3 OWSM Agent and Policy Manager Characteristics
2.1.4 OWSM Agent and Policy Manager Request Flow
2.1.5 OWSM Configuration Artifacts
2.2 Understanding Policies
2.3 Building Policies Using Policy Assertions
2.3.1 Defining Multiple Policy Alternatives (OR Groups)
2.4 Understanding Policy Subjects
2.5 Attaching Policies to Policy Subjects
2.5.1 Direct Policy Attachment
2.5.2 Global Policy Attachments Using Policy Sets
2.5.2.1 Subject Types and Scope of Resources
2.5.2.2 Typical Uses for Global Policy Attachments
2.6 How Policies are Executed
2.7 OWSM Predefined Policies and Assertion Templates
2.8 Overriding Security Policy Configuration
2.9 Recommended Naming Conventions for Policies
3 Understanding Web Service Security Concepts
3.1 Overview of Web Service Security
3.1.1 Web Service Security Requirements
3.2 Understanding Transport-level and Application-level Security
3.3 Understanding Authentication
3.3.1 Digest Authentication
3.4 Understanding Authorization
3.5 Understanding Message Protection
3.5.1 Message Encryption
3.5.2 Message Signing (XML Signature)
3.6 Understanding Keys and Certificates
3.6.1 Overview of Private Keys and Certificates
3.6.2 How Different Security Policies Use Private Keys and Certificates
3.6.2.1 Message Protection Policy Types
3.6.2.2 Authentication Token Policy Types
3.6.3 How OWSM Locates Keystore And Key Passwords for the JKS Keystore
3.6.4 Setting Up Private Keys and Certificates for SSL Policies
3.6.5 Setting up Private Keys and Certificates for Message Protection Policies
3.7 How OWSM Uses the Credential Store
3.8 Understanding Security Policies
3.9 Understanding Security Tokens
3.9.1 Username Token
3.9.2 X.509 Certificate
3.9.3 Kerberos Token
3.9.4 SAML Token
3.10 Understanding Secure Attachments
3.11 Understanding Secure Conversation
3.11.1 Why Use WS-SecureConversation
3.11.1.1 Using WS-SecureConversation With WS-ReliableMessaging
3.11.2 WS-SecureConversation Architecture
3.11.3 When To Use WS-SecureConversation
3.11.4 When To Use Re-Authentication
3.11.5 Setting the Bootstrap Mode
3.11.6 Persistence
3.11.6.1 Default Domain-Wide Persistence Implementation
3.11.6.2 Client- and Web Service-Specific Persistence Implementation
3.12 Understanding the Kerberos Protocol
3.12.1 Credential Delegation in Kerberos
3.12.2 Kerberos and SPNEGO
3.12.3 Kerberos and WS-SecureConversation Derived Keys
3.13 Understanding Web Services Addressing
3.14 Understanding Web Services Trust
3.15 Understanding Web Services ReliableMessaging
3.16 Understanding Fine-Grained Authorization Using Oracle Entitlements Server
3.16.1 Prerequisite OES Reading
3.16.2 OES Integration: The Big Picture
3.16.2.1 Data Masking
3.16.2.2 Obligations
3.16.2.3 OES Fine- and Coarse-Grained Authorization
3.16.3 OWSM OES Policies
3.16.4 Resource Mapping and Naming
3.16.4.1 Example of OES Policies
3.16.5 How Attributes Are Processed
3.16.6 Use of Guard Element
3.17 Understanding Personally Identifiable Information
3.17.1 Overview of PII Data
3.17.1.1 Understanding the PII Security Policy
3.17.2 PII Policy XPath Expressions
3.17.3 When Can You Use the PII Policy?
3.17.3.1 Single SOA Composite Use Case
3.17.3.2 PII at the JCA Binding Use Case
3.17.4 Who Should Have Access to the PII?
3.17.5 Additional Considerations for Unmarshalling
A Web Service Security Standards