Web Services Security concepts for v5.x applications
IBM supports Web Services Security, which is an extension of the IBM web services engine, to provide a quality of service. The WebSphere Application Server security infrastructure fully integrates Web Services Security with the Java EE security specification.
Subtopics
- Web Services Security specification-a chronology
- Web Services Security support
- Web Services Security and Java Platform, Enterprise Edition security relationship
- Web Services Security model in WAS
- Propagate security tokens
- Web Services Security constraints
- Overview of authentication methods
- Overview of token types
- XML digital signature
- Default binding
- ws-security.xml file - Default configuration for WAS ND
- Trust anchors
- Collection certificate store
- Key locator
- Keys
- Trusted ID evaluator
- Login mappings
- XML encryption
- Request sender
- Request receiver
- Response sender
- Response receiver
- Identity assertion in a SOAP message
- Security token
- Pluggable token support