Part III Securing Web Services
This part describes how to configure your web service for message protection, SSL, authentication, and authorization. You can also integrate various hardware modules with Oracle Web Services Manager (OWSM).
Topics:
-
Configuring Message Protection for Web Services, describes how to work with keystores and credential stores. It also describes how to use identity extensions and how to cache the nonce using Oracle Coherence.
-
Protecting Personally Identifiable Information, describes how to protect Personally Identifiable Information (PII) using the PII security policy.
-
Configuring Transport-Level Security (SSL), describes how to work with transport-level security in the form of SSL. It describes how to configure one-way and two-way SSL for WebLogic Server and for web service clients. It also describes how to configure SSL for Oracle HTTP Server.
-
Configuring Authorization Using Oracle Web Services Manager, describes how to configure authorization in OWSM, such as determining which resources to protect, and setting authorization permissions and an OPSS resource name. It also describes how to configure fine-grained authorization using OES.
-
Configuring Authentication Using Oracle Web Services Manager, describes how to configure authentication in OWSM, including authentication providers, digest authentication, SAML, Kerberos, ActiveDirectory, WS-Trust, and identity extensions.
-
Configuring Secure Conversation Using Oracle Web Services Manager, describes how to configure WS-SecureConversation.
-
Integrating Hardware with Oracle Web Services Manager, describes how to integrate Web Services Manager with various hardware security modules and for Oracle SPARC T4 and SPARC T5 cryptographic acceleration.