Web Services Manager in Action: Central Security Platform for WS. Kersten Mebus, Principal Systems Consultant


Transcription:

Web Services Manager in Action: Central Security Platform for WS
Kersten Mebus, Principal Systems Consultant

Agenda
- Web Services Security
- Oracle Web Service Manager
- Samples
- OWSM vs OEG
- DEMO
- Summary

Web Service Security
Securing Web services using WS-Security standards:
- Supported by WS-SecurityPolicy standards, among others
- Applied to service end points, to provide:
  - Authentication and authorization
  - Signing and encrypting the whole message or parts thereof
  - Integrity (reliable messaging), confidentiality, and propagation of credentials
[Diagram labels: Authentication: Who?; WS-Security UsernameTokenProfile (sign, encrypt, propagate); Allow (Y/N)?; Authenticate and authorize; WS-SecurityPolicy; Request; Response; Policy enforcement point; Client; Service; End point]

Web Services Security Approaches
The standard ways of securing Web services are:
- Protocol based:
  - Secure sockets layer (SSL)
  - Secure HTTP (S-HTTP)
- Message based:
  - XML digital signature
  - XML encryption
  - Security Assertion Markup Language (SAML)

WS-Security Fundamentals
- Authentication: incorporated by using security tokens:
  - Username token
  - X.509 certificates
  - SAML assertions
- Confidentiality:
  - Supports the W3C XML encryption standard
  - Supports standard key exchange mechanisms
  - Enables encryption to be applied in parts
- Integrity:
  - W3C XML signature standard
  - Signature can be applied in parts

Oracle Web Services Manager 11g
- What it does: Secures services across your entire SOA infrastructure using a unified, consistent and centrally managed policy infrastructure
- How it works: Simply define and apply policies; apply at design time or at runtime; apply locally or globally.

Global Policy Management: Oracle WSM Policy Manager
- Clearly separates process logic from security concerns
- Secures endpoints
- Sets and propagates identity
[Diagram labels: Mediator; BPEL/BPM; Human Task; Policy Manager; Service Infrastructure; Service Component Interceptors: Authorization; Web Service Interceptor: Authentication, Authorization; Web Service Interceptor: User token insertion (such as SAML), Integrity & Confidentiality (signatures, encryption/decryption); Message Integrity & Confidentiality (signatures, encryption/decryption); Publish security requirements as WS-Policy in WSDL; HTTP/SOAP message; SOAP; File; LDAP; Java Platform Security; DB; SSO (Oracle Access Manager & 3rd-party)]

OWSM Security Policies
Oracle Web Services Manager policies are:
- oracle/wss_username_token_service_policy
- oracle/wss11_saml_token_client_policy
- oracle/wss11_message_protection_service_policy
- oracle/wss11_username_token_with_message_protection_service_policy
[Diagram labels: Authenticate: Sets UsernameToken values; WS-Security: Carries UsernameToken; WS-SecurityPolicy: The oracle/wss_username_token_service_policy policy can be used to extract token data, apply authentication and authorization, and set the Subject; Request; Response; Policy enforcement point; Client; Service]
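
The following Python example is added here and is not from the slides or Oracle's code: it shows the checks a policy enforcement point can apply to a WS-Security UsernameToken (PasswordDigest form of the UsernameToken Profile) before setting the caller identity. The credential store, the five-minute freshness window and all function names are assumptions, and it does not represent how OWSM implements its policies.

```python
import base64, hashlib, hmac
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
NS = {"soap": "http://schemas.xmlsoap.org/soap/envelope/", "wsse": WSSE, "wsu": WSU}
DIGEST = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"
USERS = {"alice": "constructed-secret"}  # constructed credential store (assumption)
MAX_AGE = timedelta(minutes=5)           # assumed freshness window

def password_digest(nonce: bytes, created: str, password: str) -> str:
    # UsernameToken Profile 1.0: Base64(SHA-1(nonce + created + password))
    raw = nonce + created.encode() + password.encode()
    return base64.b64encode(hashlib.sha1(raw).digest()).decode()

def build_envelope(user: str, password: str, nonce: bytes, created: str) -> str:
    # Client side: constructed sample request carrying the token in the SOAP header
    return (f'<soap:Envelope xmlns:soap="{NS["soap"]}" xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}">'
            f'<soap:Header><wsse:Security><wsse:UsernameToken>'
            f'<wsse:Username>{user}</wsse:Username>'
            f'<wsse:Password Type="{DIGEST}">{password_digest(nonce, created, password)}</wsse:Password>'
            f'<wsse:Nonce>{base64.b64encode(nonce).decode()}</wsse:Nonce>'
            f'<wsu:Created>{created}</wsu:Created>'
            f'</wsse:UsernameToken></wsse:Security></soap:Header><soap:Body/></soap:Envelope>')

def authenticate(envelope: str, now: datetime, seen_nonces: set) -> str:
    """Service side: return the authenticated user name or raise PermissionError."""
    tok = ET.fromstring(envelope).find("soap:Header/wsse:Security/wsse:UsernameToken", NS)
    if tok is None:
        raise PermissionError("no UsernameToken in header")
    user = tok.findtext("wsse:Username", "", NS)
    pw = tok.find("wsse:Password", NS)
    nonce_b64 = tok.findtext("wsse:Nonce", "", NS)
    created = tok.findtext("wsu:Created", "", NS)
    if pw is None or pw.get("Type") != DIGEST or not nonce_b64 or not created:
        raise PermissionError("digest token with Nonce and Created required")
    try:
        ts = datetime.strptime(created, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        nonce = base64.b64decode(nonce_b64, validate=True)
    except ValueError:
        raise PermissionError("malformed Created or Nonce")
    if abs(now - ts) > MAX_AGE or nonce_b64 in seen_nonces:
        raise PermissionError("stale or replayed token")
    # Digest is computed even for unknown users and compared in constant time
    expected = password_digest(nonce, created, USERS.get(user, ""))
    if user not in USERS or not hmac.compare_digest(expected.encode(), (pw.text or "").encode()):
        raise PermissionError("bad credentials")
    seen_nonces.add(nonce_b64)
    return user
```

The digest form protects the password only from casual disclosure; the slides' message-protection policies (signing and encryption) or transport security are still needed to protect the token and body in transit.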

Deployment Architecture
[Diagram labels: SOA Domain #1: Policy Attachment, Oracle EM, Service, Agent, Policies, Policy Manager, Policy Mgt Service; SOA Domain #2: Oracle EM, Policy Manager; JDeveloper; Policies & Usage data; Policy Store (MDS): File ("Only supported for JDev"), DB ("Only supported configuration for production")]

Sample: Start Business Process (Web Services Security)
[Diagram labels: Credit Check JAX-WS Client; Quote Web App; WSS 1.0 SAML, ID Propagation; WSS 1.1 SAML, ID Propagation; Credit Service; Quote Service]
All end points secured by OWSM Policy

Sample: Intermediate Business Process (SOA Security)
[Diagram labels: Internal PO Web App; PO Processing; WSS 1.0 & WSS 1.1 SAML, ID Propagation; Message Protection; Role-Based Access Control; Credit Service; Quote Service; Fulfillment Service]
All end points secured by OWSM Policy

Sample: End Business Process (SOA & OSB Security)
[Diagram labels: Internal PO Web App; PO Processing; External System; Oracle Service Bus; Credit Service; Quote Service; Fulfillment Service; AR System; JMS]
All end points secured by OWSM Policy

Oracle Enterprise Gateway
First Line Of Defense: Web Services Virtualization
Last-Mile Security: OWSM Agent
[Diagram labels: Internet: Web Client (Browser), HTTP GET/POST, Web Service Client, REST, XML, SOAP, JMS; Company's DMZ: Oracle Enterprise Gateway, OSB With OWSM Extension; Company's Green Zone: OWSM Agent, Web Service]

Oracle Enterprise Gateway Deployment
[Diagram labels: Web Client (Browser); Web Service Client; HTTP GET/POST; REST; XML; SOAP; JMS; Oracle Enterprise Gateway; Oracle Service Bus (*); OWSM Agents; .NET WS; PL/SQL WS; Tibco WS, JMS; WebCenter App; Java EE WS; ADF BC WS; SOA Composite; Oracle Identity Management; Metadata Store (MDS); Oracle Enterprise Manager; OWSM Policy Manager]
(*): OSB can be with or without OWSM extension

DEMO

Summary
[Diagram labels: SECURITY (WS-*); Oracle Web Services Manager; Web Services; SOA/OSB/BPM; ADF; WebCenter; JAX-WS; Oracle WebLogic Server]
