Administering web services - Security (WS-Security)
The Web Services Security specification defines core facilities
for protecting the integrity and confidentiality of a message, and
provides mechanisms for associating security-related claims with a
message.
Subtopics:
Deploying applications that use SAML
After SAML policy sets and bindings have been configured,
and SAML tokens created, the SAML token information can be sent from
the original login server to other servers using the SAML propagation
feature. You can also extract SAML attributes from an existing SAML
token and then create additional tokens using the extracted attributes.
Administering Web Services Security
To secure web services, you
must consider a broad set of
security requirements, including authentication, authorization, privacy,
trust, integrity, confidentiality, secure communications channels,
delegation, and auditing across a spectrum of application and business
topologies. You can choose to configure Web Services Security for
the application level, the server level or the cell level, depending
upon your environment and security needs.