Oracle Web Services Manager: Securing your Web Services
Web services (WS) provide a simple, standardized way to connect applications over the Internet, however they require management of security and other run-time operations to work effectively. Oracle Web Services Manager is a software solution for managing the operations of web services and the interactions between these services.
This book explains the business reasons why web services security is required and gives an architectural overview of WS Security for an enterprise. It then provides details about the Oracle Web Service Manager product and how it can be leveraged to address the key security issues of Confidentiality, Integrity, Authentication, and Authorization. Whilst addressing these key issues, the book describes them fully with examples. It ends with a couple of unique features: one is the various options available for a successful deployment and the other is an explanation, in depth, of how the security components work.
This book not only describes the need for web services security but also explains, with detailed examples, how to define security policies and enforce those policies using Oracle Web Services Manager (WSM).
This book emphasizes how to use Oracle WSM to address various security use cases with detailed step-by-step examples to learn Oracle Web Service Manager.
What you will learn from this book :
Chapter 1 gives an introduction to web services security â€“ the need for it, what are the security options, and even a quick look at Return on Investment in web services security
Chapter 2 discusses the need for centralized management of web services, policy definition, and policy enforcement with a quick introduction to Oracle Web Services Manager.
In the first two chapters we discussed the need for web services security and in Chapter 3 we take a closer look at the architecture of Oracle Web Services Manager and how to address the web services security requirements.
In Chapter 4 we explore how Oracle WSM can be leveraged to authenticate and authorize web services requests.
In Chapter 5 we take a closer look at how we can leverage Oracle WSM to protect the confidentiality of messages.
In Chapter 6 we describe in detail how to digitally sign and verify messages in web services using Oracle Web Services Manager.
In Chapter 7 we will take a look at how to implement a custom policy step in Oracle Web Services Manager.
In Chapter 8 we discuss the various components of Oracle WSM and how they can be deployed to ensure high availability and scalability.
Chapter 9 discusses in detail how to manage the OWSM environment from an operational stand point i.e. how the monitoring works.
In web Services, encrypted XML is represented in an interoperable standard format such as XML Encryption; in Chapter 10 we take a closer look at the XML Encryption standard from W3C.
In Chapter 11 we take a closer look at XML Signature Specification from W3C. XML Signature is an interoperable industry standard that addresses how digitally signed messages are represented or described in an XML format and OWSM can digitally sign and verify web service messages.
In Chapter 12 we discuss the importance of digitally signing and encrypting the same message or data element and how to implement this using Oracle Web Services Manager.
In Chapter 13 we take a closer look at the Integrated Web Services Security Solution.
Who this book is written for
It is mainly for Developers and Architects who want to learn how to use Oracle WSM to address the security challenges of web services and those who want to learn how to use Oracle WSM to address their security needs.
If you have a basic knowledge of web services then this book will help you understand the need for security and how to use Oracle WSM to address the security challenges.Book Details