Home  /  Security Features of InterSystems IRIS  /  Securing Web Services

Securing Web Services
InterSystems: The power behind what matters   

Preface : 
Chapter 1: 
1.1 Tools in InterSystems IRIS Relevant to SOAP Security
1.2 A Brief Look at the WS-Security Header
1.3 Standards Supported in InterSystems IRIS
Chapter 2: 
2.1 Performing Setup Tasks
2.2 Retrieving Credential Sets Programmatically
2.3 Specifying the SSL/TLS Configuration for the Client to Use
Chapter 3: 
3.1 Overview
3.2 Creating and Attaching Policies
3.3 Editing the Generated Policy
3.4 Security Policy Descriptions
3.5 Policy Option Reference
       3.5.1 Credential Sets
3.6 Adding a Certificate at Runtime
3.7 Specifying a Policy at Runtime
3.8 Suppressing Compilation Errors for Unsupported Policies
Chapter 4: 
4.1 Configuration Class Basics
4.2 Adding InterSystems Extension Attributes
4.3 Details for the Configuration XData Block
       4.3.1 <configuration>
       4.3.2 <service>
       4.3.3 <method>
       4.3.4 <request>
       4.3.5 <response>
4.4 Example Custom Configurations
Chapter 5: 
5.1 Adding Security Header Elements
5.2 Order of Header Elements
Chapter 6: 
6.1 Overview
6.2 Adding a Timestamp
6.3 Adding a Username Token
6.4 Timestamp and Username Token Example
Chapter 7: 
7.1 Overview of Encryption
7.2 Encrypting the SOAP Body
7.3 Message Encryption Examples
7.4 Specifying the Block Encryption Algorithm
7.5 Specifying the Key Transport Algorithm
Chapter 8: 
8.1 Encrypting Security Header Elements
8.2 Basic Examples
Chapter 9: 
9.1 Overview of Digital Signatures
9.2 Adding a Digital Signature
       9.2.1 Example
9.3 Other Ways to Use the Certificate with the Signature
9.4 Applying a Digital Signature to Specific Message Parts
9.5 Specifying the Digest Method
9.6 Specifying the Signature Method
9.7 Specifying the Canonicalization Method for <KeyInfo>
9.8 Adding Signature Confirmation
Chapter 10: 
10.1 Overview
10.2 Creating and Adding a <DerivedKeyToken>
10.3 Using a <DerivedKeyToken> for Encryption
10.4 Using a <DerivedKeyToken> for Signing
Chapter 11: 
11.1 Signing and Then Encrypting with Asymmetric Keys
11.2 Encrypting and Then Signing with Asymmetric Keys
11.3 Signing and Then Encrypting with Symmetric Keys
11.4 Encrypting and Then Signing with Symmetric Keys
11.5 Order of Security Header Elements
Chapter 12: 
12.1 Overview
12.2 Validating WS-Security Headers
12.3 Accessing a SAML Assertion in the WS-Security Header
12.4 CSP Authentication and WS-Security
12.5 Retrieving a Security Header Element
12.6 Checking the Signature Confirmation
Chapter 13: 
13.1 Overview
13.2 Starting a Secure Conversation
13.3 Enabling an InterSystems IRIS Web Service to Support WS-SecureConversation
13.4 Using the <SecurityContextToken>
13.5 Ending a Secure Conversation
Chapter 14: 
14.1 Sending a Sequence of Messages from the Web Client
14.2 Signing the WS-ReliableMessaging Headers
14.3 Modifying a Web Service to Support WS-ReliableMessaging
14.4 Controlling How the Web Service Handles Reliable Messaging
Chapter 15: 
15.1 Overview
15.2 Basic Steps
15.3 Adding SAML Statements
15.4 Adding a <Subject> Element
15.5 Adding a <SubjectConfirmation> Element
15.6 Adding a <Conditions> Element
15.7 Adding <Advice> Elements
Chapter 16: 
16.1 Information Needed for Troubleshooting
16.2 Possible Errors
16.3 Items to Check in the Event of Security Errors
Appendix A: 
A.1 <BinarySecurityToken>
       A.1.1 Details
       A.1.2 Position in Message
A.2 <EncryptedKey>
       A.2.1 Details
       A.2.2 Position in Message
A.3 <EncryptedData>
       A.3.1 Details
       A.3.2 Position in Message
A.4 <Signature>
       A.4.1 Details
       A.4.2 Position in Message
A.5 <DerivedKeyToken>
       A.5.1 Details
       A.5.2 Position in Message
A.6 <ReferenceList>
       A.6.1 Details
       A.6.2 Position in Message