The Web Services Security
specification defines core facilities
for protecting the integrity and confidentiality of a message, and
provides mechanisms for associating security-related claims with a
message.
Subtopics:
Web Services Security concepts
The Web Services Security specification
defines core facilities
for protecting the integrity and confidentiality of a message, and
provides mechanisms for associating security-related claims with a
message.
SAML concepts
SAML is an XML-based, OASIS standard for exchanging user
identity and security attributes information. In a typical SAML usage
scenario, you authenticate to a security domain and request an identity
provider to issue SAML assertions.
Generic security token login modules
The generic security token login modules are Java Authentication and Authorization
Service (JAAS) login modules. These login modules issue, validate,
and exchange security tokens using an external Security Token Service
(STS).
Generic security token login module for the token generator
When a web service request is made, the application server
calls the generic security login module for the token generator as
part of the Web Service Security authentication process.
Generic security token login module for the token consumer
When a web service message is received, the application
server calls the generic security token login module for the token
consumer as part of the Web Services Security authentication process.
Web Services Security concepts for Version 5.x applications
IBM® supports Web Services Security, which is an extension
of the IBM web services engine, to provide a quality of service. The
WebSphere® Application Server security infrastructure fully integrates
Web Services Security with the Java™ Platform, Enterprise Edition
(Java EE) security specification.
Last updated: April 18, 2014 05:01 AM CDT http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-nd-iseries&topic=container_wssec_concepts File name: container_wssec_concepts.html