Integrating XACML into JAX-WS and WSIT
|
|
- Wesley Hood
- 8 years ago
- Views:
Transcription
1 Integrating XACML into JAX-WS and WSIT Prof. Dr. Eric Dubuis Berner Fachhochschule Biel May 25, 2012
2 Overview Problem and Motivation Enforcing the Access Policy JAX-WS Handler Framework WSIT Validators References May 25, 2012 Integrating XACML into JAX-WS and WSIT 2
3 Motivation: What's the Problem to Solve? trust relationship STS 2 web service STS 1 SAML+ payload Security Domain 1 requestor Problem: How can we use XACML at this point? Security Domain 2 May 25, 2012 Integrating XACML into JAX-WS and WSIT 3
4 Elements for Authorizing Access to a Service To protect a resource, we need a security handler to gather information such as user, and other parameters a Policy Enforcement Point (PEP) that delegates the decision making enforces the access decision a Policy Decision Point (PDP) knows rules We must integrate a PEP into our web service implementation May 25, 2012 Integrating XACML into JAX-WS and WSIT 4
5 Enter the World of JAX-WS Handlers JAX-WS provides a framework for handlers There are two types of handlers: Logical operate on MessageContext properties and message payloads are protocol (HTTP, SOAP) agnostic cannot affect protocol specific parts of the message implement javax.xml.ws.handler.logicalhandler Protocol operate on MessageContext properties and specific messages are specific to a protocol can change protocol specific parts of the message implement any interface derived from javax.xml.ws.handler.handler except javax.xml.ws.handler.logicalhandler of particular interest: javax.xml.ws.handler.soap.soaphandler May 25, 2012 Integrating XACML into JAX-WS and WSIT 5
6 JAX-WS Handler Architecture Endpoint +getbinding(): Binding 1 1 Binding BindingProvider 1 1 +gethandlerchain(): List +sethandlerchain(l: List): void 1 +getbinding(): Binding 0..* Proxy Dispatch Handler<T> Adapted from: JAX-WS 2.1, JSR 224, p. 112 May 25, 2012 Integrating XACML into JAX-WS and WSIT 6
7 JAX-WS Handler Class Hierarchy Handler<MessageContext> +init(map<string>, Object>): void +destroy(): void +handlemessage(messagecontext): boolean +handlefault(messagecontext):boolean +close(messagecontext): void LogicalHandler<LogicalMessageContext> MessageContext contains the SOAP message as a DOM tree SOAPHandler<SOAPMessageContext> +getheaders(): Set<QName> Adapted from: JAX-WS 2.1, JSR 224, p. 113 May 25, 2012 Integrating XACML into JAX-WS and WSIT 7
8 Configuration: Handler Ordering The service has a HandlerResolver The HandlerResolver maintains a set of Handler objects Upon Proxy or Dispatch object creation, a BindingProvider creates a Binding instance The Binding instance has a chain of Handler objects :Service :HandlerResolver :L1 :P1 :P2 :L2 :P3 :P4 :P5 :L3 :P6 :L4 :BindingProvider :Binding :L1 :L2 :L3 :L4 :P1 :P2 :P3 :P4 :P5 :P6 Adapted from: JAX-WS 2.1, JSR 224, p. 115 May 25, 2012 Integrating XACML into JAX-WS and WSIT 8
9 How Does it Work? Handler config May 25, 2012 Integrating XACML into JAX-WS and WSIT 9
10 HandlerChain Annotation The javax.jws.handlerchain [JSR-181] annotation may be used to specify the handler chain in a declarative way = some_handler_chain.xml ) public class StockQuoter {... } <jws:handler-chains xmlns:jws=" <jws:handler-chain><!-- Remember: handler order for outbound messages! --> <jws:handler> <jws:handler-class>org.example.handler.handler1</jws:handler-class> </jws:handler> <jws:handler> <jws:handler-class>org.example.handler.handler2</jws:handler-class> </jws:handler> </jws:handler-chain> </jws:handler-chains> May 25, 2012 Integrating XACML into JAX-WS and WSIT 10
11 Handler Execution When called, method handlemessage: Consult the JAX-WS API for handlefault returns true: Indicates that normal message processing should continue returns false: Indicates that normal message processing should stop See specification for the two different kinds of action that can happen throws ProtocolException of a subclass thereof: Indicates that normal message processing should stop See specification for the two different kinds of action that can happen throws any other kind of exception: Indicates that normal message processing should stop See specification for the two different kinds of action that can happen May 25, 2012 Integrating XACML into JAX-WS and WSIT 11
12 Skeleton of a Protocol Handler Here is the skeleton of a SOAP protocol handler import javax.xml.soap.soapmessage; import javax.xml.ws.handler.messagecontext; import javax.xml.ws.handler.soap.soaphandler; import javax.xml.ws.handler.soap.soapmessagecontext; public class SomeHandler implements SOAPHandler<SOAPMessageContext> { public boolean handlemessage(soapmessagecontext messagecontext) { try { SOAPMessage msg = messagecontext.getmessage(); // do normal processing here... return true; } catch (Exception ex) { return false; // or throw a ProtocolException } } } May 25, 2012 Integrating XACML into JAX-WS and WSIT 12
13 Handler Acting as PEP Introduce a handler that acts as a PEP (imports not shown): public class SomeHandler implements SOAPHandler<SOAPMessageContext> {... public boolean handlemessage(soapmessagecontext messagecontext) { try { SOAPMessage msg = messagecontext.getmessage(); Boolean outboundproperty = (Boolean) context.get(messagecontext.message_outbound_property); if (!outboundproperty) { FilePolicyModule policymodule = new FilePolicyModule(); policymodule.addpolicy("/path/to/policy-file.xml ); // hack only // compose request in terms of values in message if (response_ok) return true; else throw new ProtocolException( Some message goes here... ); } return true; } catch (Exception ex) { return false; } // or throw a ProtocolException } } May 25, 2012 Integrating XACML into JAX-WS and WSIT 13
14 WSIT: Validators WSIT is based on JAX-WS WSIT add another conceptual layer: Validators, a special kind of Callbacks JAX-WS handlers are DOM-based By default, WSIT validators are XML stream-based In general, there is no need to write your own validator, but you configure the use of existing validators (for Username tokens, for X.509 certificates, and for SAML assertions) May 25, 2012 Integrating XACML into JAX-WS and WSIT 14
15 Example of a SAML Validator Here is a skeleton of a SALM validator: import com.sun.xml.wss.impl.callback.samlassertionvalidator; import javax.xml.stream.xmlstreamexception; import javax.xml.stream.xmlstreamreader; public class SAMLValidator implements SAMLAssertionValidator { DOM... public void validate(element arg0) throws SAMLValidationException { } //... } public void validate(xmlstreamreader parser) throws SAMLValidationException { //... XML Stream Reader } allows for efficient processing... May 25, 2012 Integrating XACML into JAX-WS and WSIT 15
16 Comments for the SAML Validator Called upon the processing of a SAML assertion must be started. No other context information is available. By default, WSIT uses XML security streaming. You can specify your validator by adding the following policy to the wsit-service.xml configuration file: <wsp:all>... <sc:validatorconfiguration wspp:visibility="private" xmlns:sc=" xmlns:wspp=" > <sc:validator name="samlassertionvalidator" classname="org.example.saml.samlvalidator"/> </sc:validatorconfiguration> </wsp:all> must have that name May 25, 2012 Integrating XACML into JAX-WS and WSIT 16
17 References Technik und Informatik [XACML] extensible Access Control Markup Language (XACML) Version Sun's XACML Tutorial Sun's XACML Implementation [JSR-181] Web Services Metadata for the JavaTM Platform [JSR-224] Java API for XML-Based Web Services (JAX-WS) JAX-WS Handlers Custom Security Policy Assertions in Metro Ashutosh's Blog, Wednesday September 19, WSIT Security Configuration Demystified May 25, 2012 Integrating XACML into JAX-WS and WSIT 17
Java Web Services Training
Java Web Services Training Duration: 5 days Class Overview A comprehensive look at the state of the art in developing interoperable web services on the Java EE 6 platform. Students learn the key standards
More informationJAVA API FOR XML WEB SERVICES (JAX-WS)
JAVA API FOR XML WEB SERVICES (JAX-WS) INTRODUCTION AND PURPOSE The Java API for XML Web Services (JAX-WS) is a Java programming language API for creating web services. JAX-WS 2.0 replaced the JAX-RPC
More informationJVA-561. Developing SOAP Web Services in Java
JVA-561. Developing SOAP Web Services in Java Version 2.2 A comprehensive look at the state of the art in developing interoperable web services on the Java EE 6 platform. Students learn the key standards
More informationITS. Java WebService. ITS Data-Solutions Pvt Ltd BENEFITS OF ATTENDANCE:
Java WebService BENEFITS OF ATTENDANCE: PREREQUISITES: Upon completion of this course, students will be able to: Describe the interoperable web services architecture, including the roles of SOAP and WSDL.
More informationJAX-WS Developer's Guide
JAX-WS Developer's Guide JOnAS Team ( ) - March 2009 - Copyright OW2 Consortium 2009 This work is licensed under the Creative Commons Attribution-ShareAlike License. To view a copy of this license,visit
More informationNetBeans IDE Field Guide
NetBeans IDE Field Guide Copyright 2005 Sun Microsystems, Inc. All rights reserved. Table of Contents Extending J2EE Applications with Web Services...1 Consuming Existing Web Services...2 Implementing
More informationrpafi/jl open source Apache Axis2 Web Services 2nd Edition using Apache Axis2 Deepal Jayasinghe Create secure, reliable, and easy-to-use web services
Apache Axis2 Web Services 2nd Edition Create secure, reliable, and easy-to-use web services using Apache Axis2 Deepal Jayasinghe Afkham Azeez v.? w rpafi/jl open source I I I I community experience distilled
More informationDeveloping Java Web Services
Page 1 of 5 Developing Java Web Services Hands On 35 Hours Online 5 Days In-Classroom A comprehensive look at the state of the art in developing interoperable web services on the Java EE platform. Students
More informationCopyright 2012, Oracle and/or its affiliates. All rights reserved.
1 OTM and SOA Mark Hagan Principal Software Engineer Oracle Product Development Content What is SOA? What is Web Services Security? Web Services Security in OTM Futures 3 PARADIGM 4 Content What is SOA?
More informationImproving performance for security enabled web services. - Dr. Colm Ó héigeartaigh
Improving performance for security enabled web services - Dr. Colm Ó héigeartaigh Agenda Introduction to Apache CXF WS-Security in CXF 3.0.0 Securing Attachments in CXF 3.0.0 RS-Security in CXF 3.0.0 Some
More informationWeb Services Security: OpenSSO and Access Management for SOA. Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion.
Web Services Security: OpenSSO and Access Management for SOA Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion.com 1 Agenda Need for Identity-based Web services security Single Sign-On
More informationWEB SERVICES. Revised 9/29/2015
WEB SERVICES Revised 9/29/2015 This Page Intentionally Left Blank Table of Contents Web Services using WebLogic... 1 Developing Web Services on WebSphere... 2 Developing RESTful Services in Java v1.1...
More information000-371. Web Services Development for IBM WebSphere Application Server V7.0. Version: Demo. Page <<1/10>>
000-371 Web Services Development for IBM WebSphere Application Server V7.0 Version: Demo Page 1. Which of the following business scenarios is the LEAST appropriate for Web services? A. Expanding
More informationEuropean Access Point for Truck Parking Data
Delegated Regulation (EU) N 885/2013 of 15 May 2013 with regard to the provision of information services for safe and secure parking places for trucks and commercial vehicles European Access Point for
More informationSoftware Requirement Specification Web Services Security
Software Requirement Specification Web Services Security Federation Manager 7.5 Version 0.3 (Draft) Please send comments to: dev@opensso.dev.java.net This document is subject to the following license:
More informationModule 13 Implementing Java EE Web Services with JAX-WS
Module 13 Implementing Java EE Web Services with JAX-WS Objectives Describe endpoints supported by Java EE 5 Describe the requirements of the JAX-WS servlet endpoints Describe the requirements of JAX-WS
More informationDeveloping Web Services Applications
Redpaper Martin Keen Rafael Coutinho Sylvi Lippmann Salvatore Sollami Sundaragopal Venkatraman Steve Baber Henry Cui Craig Fleming Developing Web Services Applications This IBM Redpaper publication introduces
More informationSPML (Service Provisioning Markup Language) and the Importance of it within the Security Infrastructure Framework for ebusiness
Interoperability Summit 2002 SPML (Service Provisioning Markup Language) and the Importance of it within the Security Infrastructure Framework for ebusiness Gavenraj Sodhi Senior Technology Analyst Provisioning
More informationBiometric Single Sign-on using SAML Architecture & Design Strategies
Biometric Single Sign-on using SAML Architecture & Design Strategies Ramesh Nagappan Java Technology Architect Sun Microsystems Ramesh.Nagappan@sun.com 1 Setting Expectations What you can take away! Understand
More informationSecure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact
Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact Robert C. Broeckelmann Jr., Enterprise Middleware Architect Ryan Triplett, Middleware Security Architect Requirements
More informationJAVA API FOR XML WEB SERVICES INTRODUCTION TO JAX-WS, THE JAVA API FOR XML BASED WEB SERVICES (SOAP, WSDL)
JAX-WS JAX-WS - Java API for XML Web Services JAVA API FOR XML WEB SERVICES INTRODUCTION TO JAX-WS, THE JAVA API FOR XML BASED WEB SERVICES (SOAP, WSDL) Peter R. Egli INDIGOO.COM 1/20 Contents 1. What
More informationWeb Services Technologies Examples from the Mainstream
Web Services Technologies Examples from the Mainstream Alessandro Ricci a.ricci@unibo.it june 2009 Outline Brief overview of the architecture of two main Web Service stack implementations Java Metro Apache
More informationThis Working Paper provides an introduction to the web services security standards.
International Civil Aviation Organization ATNICG WG/8-WP/12 AERONAUTICAL TELECOMMUNICATION NETWORK IMPLEMENTATION COORDINATION GROUP EIGHTH WORKING GROUP MEETING (ATNICG WG/8) Christchurch New Zealand
More informationConcrete uses of XML in software development and data analysis.
Concrete uses of XML in software development and data analysis. S. Patton LBNL, Berkeley, CA 94720, USA XML is now becoming an industry standard for data description and exchange. Despite this there are
More informationExamples with.net & PHP. Martin Haagen, QlikTech, Systems Manager; CRM @sehaagen
Integrations using Web Services Examples with.net & PHP Martin Haagen, QlikTech, Systems Manager; CRM @sehaagen Martin Haagen Systems Manager; CRM @sehaagen Introduction Martin Haagen, QlikTech What We
More informationOnset Computer Corporation
Onset, HOBO, and HOBOlink are trademarks or registered trademarks of Onset Computer Corporation for its data logger products and configuration/interface software. All other trademarks are the property
More informationIdentity Management im Liberty Alliance Project
Rheinisch-Westfälische Technische Hochschule Aachen Lehrstuhl für Informatik IV Prof. Dr. rer. nat. Otto Spaniol Identity Management im Liberty Alliance Project Seminar: Datenkommunikation und verteilte
More informationBiometric Single Sign-on using SAML
Biometric Single Sign-on using SAML Architecture & Design Strategies Ramesh Nagappan CISSP Ramesh.Nagappan@sun.com 1 Setting Expectations What you can take away! Understand the importance of Single Sign-On
More informationSOA Fundamentals For Java Developers. Alexander Ulanov, System Architect Odessa, 30 September 2008
SOA Fundamentals For Java Developers Alexander Ulanov, System Architect Odessa, 30 September 2008 What is SOA? Software Architecture style aimed on Reuse Growth Interoperability Maturing technology framework
More informationREST and SOAP Services with Apache CXF
REST and SOAP Services with Apache CXF Andrei Shakirin, Talend ashakirin@talend.com ashakirin.blogspot.com/ Agenda Introduction in Apache CXF New CXF features Project using Apache CXF How CXF community
More informationSingle Sign-On Implementation Guide
Single Sign-On Implementation Guide Salesforce, Winter 16 @salesforcedocs Last updated: November 4, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark
More informationWeb Services Development In a Java Environment
Web Services Development In a Java Environment SWE 642, Spring 2008 Nick Duan April 16, 2008 1 Overview Services Process Architecture XML-based info processing model Extending the Java EE Platform Interface-driven
More informationSingle Sign-On Implementation Guide
Single Sign-On Implementation Guide Salesforce, Summer 15 @salesforcedocs Last updated: July 1, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of
More informationWeb Service Development Using CXF. - Praveen Kumar Jayaram
Web Service Development Using CXF - Praveen Kumar Jayaram Introduction to WS Web Service define a standard way of integrating systems using XML, SOAP, WSDL and UDDI open standards over an internet protocol
More informationSoftware Design Document Securing Web Service with Proxy
Software Design Document Securing Web Service with Proxy Federated Access Manager 8.0 Version 0.3 Please send comments to: dev@opensso.dev.java.net This document is subject to the following license: COMMON
More informationEnterprise Applikation Integration und Service-orientierte Architekturen. 10 Webservices Addons
Enterprise Applikation Integration und Service-orientierte Architekturen 10 Webservices Addons Überblick über die Spezifikationen http://www.ws-universe.com/index.html [28.04.2010] Prof. Dr. Holger Wache
More information1 What Are Web Services?
Oracle Fusion Middleware Introducing Web Services 11g Release 1 (11.1.1) E14294-04 January 2011 This document provides an overview of Web services in Oracle Fusion Middleware 11g. Sections include: What
More informationMiddleware and the Internet. Example: Shopping Service. What could be possible? Service Oriented Architecture
Middleware and the Internet Example: Shopping Middleware today Designed for special purposes (e.g. DCOM) or with overloaded specification (e.g. CORBA) Specifying own protocols integration in real world
More informationWeb Services Security with SOAP Security Proxies
Web Services Security with Security Proxies Gerald Brose, PhD Technical Product Manager Xtradyne Technologies AG OMG Web Services Workshop USA 22 April 2003, Philadelphia Web Services Security Risks! Exposure
More informationHOBOlink Web Services V2 Developer s Guide
HOBOlink Web Services V2 Developer s Guide Onset Computer Corporation 470 MacArthur Blvd. Bourne, MA 02532 www.onsetcomp.com Mailing Address: P.O. Box 3450 Pocasset, MA 02559-3450 Phone: 1-800-LOGGERS
More informationIntroduction into Web Services (WS)
(WS) Adomas Svirskas Agenda Background and the need for WS SOAP the first Internet-ready RPC Basic Web Services Advanced Web Services Case Studies The ebxml framework How do I use/develop Web Services?
More informationMiddleware and the Internet
Middleware and the Internet Middleware today Designed for special purposes (e.g. DCOM) or with overloaded specification (e.g. CORBA) Specifying own protocols integration in real world network? Non-performant
More informationA Web Service Architecture for Enforcing Access Control Policies
VODCA 2004 Preliminary Version A Web Service Architecture for Enforcing Access Control Policies Claudio Agostino Ardagna 1, Ernesto Damiani 2, Sabrina De Capitani di Vimercati 3, Pierangela Samarati 4
More informationVALLIAMMAI ENGINEERING COLLEGE SRM NAGAR, KATTANKULATHUR-603203 DEPARTMENT OF COMPUTER APPLICATIONS SUBJECT : MC7502 SERVICE ORIENTED ARCHITECTURE
VALLIAMMAI ENGINEERING COLLEGE SRM NAGAR, KATTANKULATHUR-603203 DEPARTMENT OF COMPUTER APPLICATIONS QUESTION BANK V SEMESTER MCA SUBJECT : MC7502 SERVICE ORIENTED ARCHITECTURE PART A UNIT I 1. What is
More informationUsing XACML Policies as OAuth Scope
Using XACML Policies as OAuth Scope Hal Lockhart Oracle I have been exploring the possibility of expressing the Scope of an OAuth Access Token by using XACML policies. In this document I will first describe
More informationCICS Web Service Security. Anthony Papageorgiou IBM CICS Development March 13, 2012 Session: 10282
Web Service Security Anthony Papageorgiou IBM Development March 13, 2012 Session: 10282 Agenda Web Service Support Overview Security Basics and Terminology Pipeline Security Overview Identity Encryption
More informationSecure Identity in Cloud Computing
Secure Identity in Cloud Computing Michelle Carter The Aerospace Corporation March 20, 2013 The Aerospace Corporation 2013 All trademarks, service marks, and trade names are the property of their respective
More informationServer based signature service. Overview
1(11) Server based signature service Overview Based on federated identity Swedish e-identification infrastructure 2(11) Table of contents 1 INTRODUCTION... 3 2 FUNCTIONAL... 4 3 SIGN SUPPORT SERVICE...
More informationJobScheduler Web Services Executing JobScheduler commands
JobScheduler - Job Execution and Scheduling System JobScheduler Web Services Executing JobScheduler commands Technical Reference March 2015 March 2015 JobScheduler Web Services page: 1 JobScheduler Web
More information1 What Are Web Services?
Oracle Fusion Middleware Introducing Web Services 11g Release 1 (11.1.1.6) E14294-06 November 2011 This document provides an overview of Web services in Oracle Fusion Middleware 11g. Sections include:
More informationInteroperable Provisioning in a Distributed World
Interoperable Provisioning in a Distributed World Mark Diodati, Burton Group Ramesh Nagappan, Sun Microsystems Sampo Kellomaki, SymLabs 02/08/07 IAM 302 Contacts Mark Diodati (mdiodati@burtongroup.com)
More informationGreg Giles, Cisco Systems. Is compression a valid candidate for a standard?
1 WebServices Framework & Assertion exchange using SAML 2 3 4 5 Submitted By : Abstract: Krishna Sankar, Cisco Systems Greg Giles, Cisco Systems 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
More informationAmeritas Single Sign-On (SSO) and Enterprise SAML Standard. Architectural Implementation, Patterns and Usage Guidelines
Ameritas Single Sign-On (SSO) and Enterprise SAML Standard Architectural Implementation, Patterns and Usage Guidelines 1 Background and Overview... 3 Scope... 3 Glossary of Terms... 4 Architecture Components...
More informationCopyright. Restricted Rights Legend. Trademarks or Service Marks. Copyright 2003 BEA Systems, Inc. All Rights Reserved.
Version 8.1 SP4 December 2004 Copyright Copyright 2003 BEA Systems, Inc. All Rights Reserved. Restricted Rights Legend This software and documentation is subject to and made available only pursuant to
More informationDynamic Access Control Infrastructure for On-demand Provisioned Cloud Services
Dynamic Access Control Infrastructure for On-demand Provisioned Cloud Services Canh Ngo SNE Group, University of Amsterdam OGF-ISOD 33 September 19-21, 2011 Lyon, 2011 Agenda Introduction Scenario Motivation
More informationA Federated Authorization and Authentication Infrastructure for Unified Single Sign On
A Federated Authorization and Authentication Infrastructure for Unified Single Sign On Sascha Neinert Computing Centre University of Stuttgart Allmandring 30a 70550 Stuttgart sascha.neinert@rus.uni-stuttgart.de
More informationSecuring Web Services From Encryption to a Web Service Security Infrastructure
Securing Web Services From Encryption to a Web Service Security Infrastructure Kerberos WS-Security X.509 TLS Gateway OWSM WS-Policy Peter Lorenzen WS-Addressing Agent SAML Policy Manager Technology Manager
More informationWeb Service Facade for PHP5. Andreas Meyer, Sebastian Böttner, Stefan Marr
Web Service Facade for PHP5 Andreas Meyer, Sebastian Böttner, Stefan Marr Agenda Objectives and Status Architecture Framework Features WSD Generator PHP5 eflection API Security Aspects used approach planned
More informationCA SOA Security Manager
CA SOA Security Manager Implementation Guide r12.1 Second Edition This documentation and any related computer software help programs (hereinafter referred to as the "Documentation") are for your informational
More informationIntroduction to Oracle WebLogic. Presented by: Fatna Belqasmi, PhD, Researcher at Ericsson
Introduction to Oracle WebLogic Presented by: Fatna Belqasmi, PhD, Researcher at Ericsson Agenda Overview Download and installation A concrete scenario using the real product Hints for the project Overview
More informationJDeveloper 11g JAX-WS web services:
SAGE Computing Services Customised Oracle Training Workshops and Consulting JDeveloper 11g JAX-WS web services:...as easy as 1-2-3: XSD, WSDL, Generate! Chris Muir Oracle Consultant and Trainer http://one-size-doesnt-fit-all.blogspot.com
More informationAvid. Interfacing with Avid inews. Including inews Web Services Version 1.0
Avid Interfacing with Avid inews Including inews Web Services Version 1.0 Table of Contents Overview...1 Exchanging Data with inews...2 inews FTP Server...2 RXNET/TXNET...2 Support for MOS Protocol...2
More informationSOA @ ebay : How is it a hit
SOA @ ebay : How is it a hit Sastry Malladi Distinguished Architect. ebay, Inc. Agenda The context : SOA @ebay Brief recap of SOA concepts and benefits Challenges encountered in large scale SOA deployments
More informationHow to secure your Apache Camel deployment
How to secure your Apache Camel deployment Jonathan Anstey Principal Engineer FuseSource 1 Your Presenter is: Jonathan Anstey Principal Software Engineer at FuseSource http://fusesource.com Apache Camel
More informationDavid Pilling Director of Applications and Development
Service Oriented Architecture for Law Firms: SOA is inevitable, are you ready? David Pilling Director of Applications and Development "Things should be made as simple as possible, but no simpler. -- Albert
More informationUsing mobile phones to access Web Services in a secure way. Dan Marinescu
Using mobile phones to access Web Services in a secure way Dan Marinescu March 7, 2007 Abstract Web Services is a technology that has gained in acceptance and popularity over the past years. The promise
More informationBuilding WebRTC Solutions with the Avaya WebRTC Collaboration Environment Snap-in. Joel Ezell Lead Architect, Collaboration Environment R&D
Building WebRTC Solutions with the WebRTC Collaboration Environment Snap-in Joel Ezell Lead Architect, Collaboration Environment R&D Use Cases for Collaboration Environment 3.0 WebRTC Outbound only Click
More informationTowards an Open Identity Infrastructure with OpenSSO. RMLL Nantes July 10 2009. Fulup Ar Foll Master Architect fulup@sun.com
Towards an Open Identity Infrastructure with OpenSSO RMLL Nantes July 10 2009 Fulup Ar Foll Master Architect fulup@sun.com 1 Towards an Open Identity Infrastructure with OpenSSO OpenSSO Overview > Integration
More informationModel-Driven Data Warehousing
Model-Driven Data Warehousing Integrate.2003, Burlingame, CA Wednesday, January 29, 16:30-18:00 John Poole Hyperion Solutions Corporation Why Model-Driven Data Warehousing? Problem statement: Data warehousing
More informationFederated Identity and Single Sign-On using CA API Gateway
WHITE PAPER DECEMBER 2014 Federated Identity and Single Sign-On using Federation for websites, Web services, APIs and the Cloud K. Scott Morrison VP Engineering and Chief Architect 2 WHITE PAPER: FEDERATED
More informationImplementation Guide SAP NetWeaver Identity Management Identity Provider
Implementation Guide SAP NetWeaver Identity Management Identity Provider Target Audience Technology Consultants System Administrators PUBLIC Document version: 1.10 2011-07-18 Document History CAUTION Before
More informationOn XACML, role-based access control, and health grids
On XACML, role-based access control, and health grids 01 On XACML, role-based access control, and health grids D. Power, M. Slaymaker, E. Politou and A. Simpson On XACML, role-based access control, and
More informationImplementing Single Sign On in Java Technologybased
Implementing Single Sign On in Java Technologybased Web Services Rima Patel Sriganesh Technology Evangelist Sun Microsystems, Inc. Why Am I Here? Well Because I Hate to sign-on tens of times for using
More informationIAM Application Integration Guide
IAM Application Integration Guide Date 03/02/2015 Version 0.1 DOCUMENT INFORMATIE Document Title IAM Application Integration Guide File Name IAM_Application_Integration_Guide_v0.1_SBO.docx Subject Document
More information... Introduction... 17
... Introduction... 17 1... Workbench Tools and Package Hierarchy... 29 1.1... Log on and Explore... 30 1.1.1... Workbench Object Browser... 30 1.1.2... Object Browser List... 31 1.1.3... Workbench Settings...
More informationOracle Hyperion Financial Management Custom Pages Development Guide
Oracle Hyperion Financial Management Custom Pages Development Guide CONTENTS Overview... 2 Custom pages... 2 Prerequisites... 2 Sample application structure... 2 Framework for custom pages... 3 Links...
More informationAquaLogic Service Bus
AquaLogic Bus Wolfgang Weigend Principal Systems Engineer BEA Systems 1 What to consider when looking at ESB? Number of planned business access points Reuse across organization Reduced cost of ownership
More informationOPENIAM ACCESS MANAGER. Web Access Management made Easy
OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access
More informationHow To Create A C++ Web Service
A Guide to Creating C++ Web Services WHITE PAPER Abstract This whitepaper provides an introduction to creating C++ Web services and focuses on:» Challenges involved in integrating C++ applications with
More informationWEB SERVICES SECURITY
WEB SERVICES SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationHow To Use Saml 2.0 Single Sign On With Qualysguard
QualysGuard SAML 2.0 Single Sign-On Technical Brief Introduction Qualys provides its customer the option to use SAML 2.0 Single Sign On (SSO) authentication with their QualysGuard subscription. When implemented,
More information000-371. Web Services Development for IBM WebSphere App Server V7.0 Exam. http://www.examskey.com/000-371.html
IBM 000-371 Web Services Development for IBM WebSphere App Server V7.0 Exam TYPE: DEMO http://www.examskey.com/000-371.html Examskey IBM 000-371 exam demo product is here for you to test the quality of
More informationThe increasing popularity of mobile devices is rapidly changing how and where we
Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to
More informationHP WebInspect Tutorial
HP WebInspect Tutorial Introduction: With the exponential increase in internet usage, companies around the world are now obsessed about having a web application of their own which would provide all the
More informationNCI CTSU. CTSU Single Sign-On (Java) Software Framework. Document Information: Approvals: Sponsor/Owner. Protocol/Project.
Document Information: Sponsor/Owner Protocol/Project Function/System NCI CTSU CTSU Single Sign-On (Java) Software Framework Document Approvals: IT Manager / Jayan Nair Date Assistant Project Director /
More informationHigh Performance XML Data Retrieval
High Performance XML Data Retrieval Mark V. Scardina Jinyu Wang Group Product Manager & XML Evangelist Oracle Corporation Senior Product Manager Oracle Corporation Agenda Why XPath for Data Retrieval?
More informationWeb services can convert your existing applications into web applications.
i About the Tutorial Web services are open standard (XML, SOAP, HTTP, etc.) based web applications that interact with other web applications for the purpose of exchanging data Web services can convert
More informationUsing SAML for Single Sign-On in the SOA Software Platform
Using SAML for Single Sign-On in the SOA Software Platform SOA Software Community Manager: Using SAML on the Platform 1 Policy Manager / Community Manager Using SAML for Single Sign-On in the SOA Software
More informationSTUDY ON IMPROVING WEB SECURITY USING SAML TOKEN
STUDY ON IMPROVING WEB SECURITY USING SAML TOKEN 1 Venkadesh.M M.tech, Dr.A.Chandra Sekar M.E., Ph.d MISTE 2 1 ResearchScholar, Bharath University, Chennai 73, India. venkadeshkumaresan@yahoo.co.in 2 Professor-CSC
More informationGlassFish Security. open source community experience distilled. security measures. Secure your GlassFish installation, Web applications,
GlassFish Security Secure your GlassFish installation, Web applications, EJB applications, application client module, and Web Services using Java EE and GlassFish security measures Masoud Kalali PUBLISHING
More informationWEB SERVICES. Sam Guinea guinea@elet.polimi.it. http://servicetechnologies.wordpress.com/
WEB SERVICES Sam Guinea guinea@elet.polimi.it http://servicetechnologies.wordpress.com/ Reference Book Martin Kalin Java Web Services: Up and Running, 1st Edition O'Reilly Media, Inc. JAX-WS Java API for
More informationInteroperable, Federated Identity Management Frameworks Across Enterprise Architectures. We can do this.
Interoperable, Federated Identity Management Frameworks Across Enterprise Architectures. We can do this. Scott McGrath COO Organization for the Advancement of Structured Information Standards A diverse
More informationApigee Gateway Specifications
Apigee Gateway Specifications Logging and Auditing Data Selection Request/response messages HTTP headers Simple Object Access Protocol (SOAP) headers Custom fragment selection via XPath Data Handling Encryption
More informationReusing Existing * Java EE Applications from Oracle SOA Suite
Reusing Existing * Java EE Applications from Oracle SOA Suite Guido Schmutz Technology Manager, Oracle ACE Director for FMW & SOA Trivadis AG, Switzerland Abstract You have a lot of existing Java EE applications.
More informationFederated Identity Management Solutions
Federated Identity Management Solutions Jyri Kallela Helsinki University of Technology jkallela@cc.hut.fi Abstract Federated identity management allows users to access multiple services based on a single
More informationIVOA Single-Sign-On Profile: Authentication Mechanisms Version 2.0
International Virtual Observatory Alliance IVOA Single-Sign-On Profile: Authentication Mechanisms Version 2.0 IVOA Proposed Recommendation 20151029 Working group http://www.ivoa.net/twiki/bin/view/ivoa/ivoagridandwebservices
More informationSAML Federated Identity at OASIS
International Telecommunication Union SAML Federated Identity at OASIS Hal Lockhart BEA Systems Geneva, 5 December 2006 SAML and the OASIS SSTC o SAML: Security Assertion Markup Language A framework for
More informationJVA-122. Secure Java Web Development
JVA-122. Secure Java Web Development Version 7.0 This comprehensive course shows experienced developers of Java EE applications how to secure those applications and to apply best practices with regard
More information000-575. IBM Tivoli Federated Identity Manager V6.2.2 Implementation. Version: Demo. Page <<1/10>>
000-575 IBM Tivoli Federated Identity Manager V6.2.2 Implementation Version: Demo Page 1.What is the default file name of the IBM Tivoli Directory Integrator log? A. tdi.log B. ibmdi.log C. ibmdisrv.log
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More information