Securing Caché Web Services
 
Contents

Preface:

Chapter 1:

  • 1.1 Tools in Caché Relevant to SOAP Security
  • 1.2 A Brief Look at the WS-Security Header
  • 1.3 Standards Supported in Caché
  • 1.3.1 WS-Security Support in Caché
  • 1.3.2 WS-Policy Support in Caché
  • 1.3.3 WS-SecureConversation Support in Caché
  • 1.3.4 WS-ReliableMessaging Support in Caché

Chapter 2:

  • 2.1 Performing Setup Tasks
  • 2.1.1 Providing Trusted Certificates for Caché to Use
  • 2.1.2 Creating and Editing Caché Credential Sets
  • 2.2 Retrieving Credential Sets Programmatically
  • 2.2.1 Retrieving a Stored Credential Set
  • 2.2.2 Retrieving a Certificate from an Inbound Message
  • 2.3 Specifying the SSL/TLS Configuration for the Client to Use

Chapter 3:

  • 3.1 Overview
  • 3.1.1 Effect of the Configuration Class
  • 3.1.2 Relationship to WS-Security, WS-Addressing, and MTOM Support
  • 3.1.3 Relationship of Web Service and Web Client
  • 3.2 Creating and Attaching Policies
  • 3.2.1 Using the Web Service/Client Configuration Wizard
  • 3.2.2 Generating the Policy from the WSDL
  • 3.3 Editing the Generated Policy
  • 3.4 Security Policy Descriptions
  • 3.4.1 SSL/TLS Connection Security
  • 3.4.2 Username Authentication over SSL/TLS
  • 3.4.3 X.509 Certificate Authentication over SSL/TLS
  • 3.4.4 Authentication with Symmetric Keys
  • 3.4.5 Symmetric Keys with Endorsing Certificate
  • 3.4.6 Mutual X.509 Certificates Security
  • 3.4.7 SAML Authorization over SSL/TLS
  • 3.4.8 SAML with X.509 Certificates
  • 3.5 Policy Option Reference
  • 3.5.1 Credential Sets
  • 3.6 Adding a Certificate at Runtime
  • 3.7 Specifying a Policy at Runtime
  • 3.8 Suppressing Compilation Errors for Unsupported Policies

Chapter 4:

  • 4.1 Configuration Class Basics
  • 4.2 Adding InterSystems Extension Attributes
  • 4.3 Details for the Configuration XData Block
  • 4.3.1 <configuration>
  • 4.3.2 <service>
  • 4.3.3 <method>
  • 4.3.4 <request>
  • 4.3.5 <response>
  • 4.4 Example Custom Configurations
  • 4.4.1 Configuration with Policy Alternatives
  • 4.4.2 Configuration with Policy Reference

Chapter 5:

  • 5.1 Adding Security Header Elements
  • 5.2 Order of Header Elements

Chapter 6:

  • 6.1 Overview
  • 6.2 Adding a Timestamp
  • 6.3 Adding a Username Token
  • 6.4 Timestamp and Username Token Example

Chapter 7:

  • 7.1 Overview of Encryption
  • 7.2 Encrypting the SOAP Body
  • 7.2.1 Variation: Using Information That Identifies the Certificate
  • 7.2.2 Variation: Using a Signed SAML Assertion
  • 7.3 Message Encryption Examples
  • 7.4 Specifying the Block Encryption Algorithm
  • 7.5 Specifying the Key Transport Algorithm

Chapter 8:

  • 8.1 Encrypting Security Header Elements
  • 8.2 Basic Examples

Chapter 9:

  • 9.1 Overview of Digital Signatures
  • 9.2 Adding a Digital Signature
  • 9.2.1 Example
  • 9.3 Other Ways to Use the Certificate with the Signature
  • 9.3.1 Variation: Using Information That Identifies the Certificate
  • 9.3.2 Variation: Using a Signed SAML Assertion
  • 9.4 Applying a Digital Signature to Specific Message Parts
  • 9.5 Specifying the Digest Method
  • 9.6 Specifying the Signature Method
  • 9.7 Specifying the Canonicalization Method for <KeyInfo>
  • 9.8 Adding Signature Confirmation

Chapter 10:

  • 10.1 Overview
  • 10.2 Creating and Adding a <DerivedKeyToken>
  • 10.2.1 Variation: Creating an Implied <DerivedKeyToken>
  • 10.2.2 Variation: Referencing the SHA1 Hash of an <EncryptedKey>
  • 10.3 Using a <DerivedKeyToken> for Encryption
  • 10.4 Using a <DerivedKeyToken> for Signing

Chapter 11:

  • 11.1 Signing and Then Encrypting with Asymmetric Keys
  • 11.2 Encrypting and Then Signing with Asymmetric Keys
  • 11.3 Signing and Then Encrypting with Symmetric Keys
  • 11.3.1 Using <DerivedKeyToken> Elements
  • 11.4 Encrypting and Then Signing with Symmetric Keys
  • 11.5 Order of Security Header Elements

Chapter 12:

  • 12.1 Overview
  • 12.2 Validating WS-Security Headers
  • 12.3 Accessing a SAML Assertion in the WS-Security Header
  • 12.4 CSP Authentication and WS-Security
  • 12.5 Retrieving a Security Header Element
  • 12.6 Checking the Signature Confirmation

Chapter 13:

  • 13.1 Overview
  • 13.2 Starting a Secure Conversation
  • 13.3 Enabling a Caché Web Service to Support WS-SecureConversation
  • 13.4 Using the <SecurityContextToken>
  • 13.5 Ending a Secure Conversation

Chapter 14:

  • 14.1 Sending a Sequence of Messages from the Web Client
  • 14.2 Signing the WS-ReliableMessaging Headers
  • 14.2.1 Signing the Headers with the SecurityContextToken
  • 14.2.2 Signing the Headers When Signing the Message
  • 14.3 Modifying a Web Service to Support WS-ReliableMessaging
  • 14.4 Controlling How the Web Service Handles Reliable Messaging

Chapter 15:

  • 15.1 Overview
  • 15.2 Basic Steps
  • 15.2.1 Variation: Not Using a <BinarySecurityToken>
  • 15.2.2 Variation: Creating an Unsigned SAML Assertion
  • 15.3 Adding SAML Statements
  • 15.4 Adding a <Subject> Element
  • 15.5 Adding a <SubjectConfirmation> Element
  • 15.5.1 <SubjectConfirmation> with Method Holder-of-key
  • 15.5.2 <SubjectConfirmation> with Method Sender-vouches
  • 15.5.3 <SubjectConfirmation> with <EncryptedKey>
  • 15.5.4 <SubjectConfirmation> with BinarySecret as Holder-of-key
  • 15.6 Adding a <Conditions> Element
  • 15.7 Adding <Advice> Elements

Chapter 16:

  • 16.1 Information Needed for Troubleshooting
  • 16.2 Possible Errors
  • 16.3 Items to Check in the Event of Security Errors

Appendix A:

  • A.1 <BinarySecurityToken>
  • A.1.1 Details
  • A.1.2 Position in Message
  • A.2 <EncryptedKey>
  • A.2.1 Details
  • A.2.2 Position in Message
  • A.3 <EncryptedData>
  • A.3.1 Details
  • A.3.2 Position in Message
  • A.4 <Signature>
  • A.4.1 Details
  • A.4.2 Position in Message
  • A.5 <DerivedKeyToken>
  • A.5.1 Details
  • A.5.2 Position in Message
  • A.6 <ReferenceList>
  • A.6.1 Details
  • A.6.2 Position in Message