Administer Web Services Security
To secure web services, we must consider a broad set of security requirements, including authentication, authorization, privacy, trust, integrity, confidentiality, secure communications channels, delegation, and auditing across a spectrum of application and business topologies. We can choose to configure Web Services Security for the application level, the server level or the cell level, depending upon the environment and security needs.
Subtopics
- Configure HTTP outbound transport level security with the administrative console
- Configure HTTP outbound transport level security using Java properties
- Configure HTTP basic authentication for JAX-RPC web services with the administrative console
- Building XPath expressions for WS-Security
- Configure custom properties to secure web services
- Service Programming Interfaces (SPI)
- Administer message-level security for JAX-WS web services
- Administer message-level security for JAX-RPC web services
- Enable cryptographic keys stored in hardware devices for Web Services Security
- Configure XML digital signature for v5.x web services with the administrative console
- Configure XML encryption for v5.x web services with the administrative console
- Building XPath expressions for WS-Security