Securing Caché Web Services

Preface : 
Chapter 1: 
  1.1 Tools in Caché Relevant to SOAP Security
1.2 A Brief Look at the WS-Security Header
1.3 Standards Supported in Caché
1.3.1 WS-Security Support in Caché
1.3.2 WS-Policy Support in Caché
1.3.3 WS-SecureConversation Support in Caché
1.3.4 WS-ReliableMessaging Support in Caché
Chapter 2: 
  2.1 Performing Setup Tasks
2.1.1 Providing Trusted Certificates for Caché to Use
2.1.2 Creating and Editing Caché Credential Sets
2.2 Retrieving Credential Sets Programmatically
2.2.1 Retrieving a Stored Credential Set
2.2.2 Retrieving a Certificate from an Inbound Message
2.3 Specifying the SSL/TLS Configuration for the Client to Use
Chapter 3: 
  3.1 Overview
3.1.1 Effect of the Configuration Class
3.1.2 Relationship to WS-Security, WS-Addressing, and MTOM Support
3.1.3 Relationship of Web Service and Web Client
3.2 Creating and Attaching Policies
3.2.1 Using the Web Service/Client Configuration Wizard
3.2.2 Generating the Policy from the WSDL
3.3 Editing the Generated Policy
3.4 Security Policy Descriptions
3.4.1 SSL/TLS Connection Security
3.4.2 Username Authentication over SSL/TLS
3.4.3 X.509 Certificate Authentication over SSL/TLS
3.4.4 Authentication with Symmetric Keys
3.4.5 Symmetric Keys with Endorsing Certificate
3.4.6 Mutual X.509 Certificates Security
3.4.7 SAML Authorization over SSL/TLS
3.4.8 SAML with X.509 Certificates
3.5 Policy Option Reference
3.5.1 Credential Sets
3.6 Adding a Certificate at Runtime
3.7 Specifying a Policy at Runtime
3.8 Suppressing Compilation Errors for Unsupported Policies
Chapter 4: 
  4.1 Configuration Class Basics
4.2 Adding InterSystems Extension Attributes
4.3 Details for the Configuration XData Block
4.3.1 <configuration>
4.3.2 <service>
4.3.3 <method>
4.3.4 <request>
4.3.5 <response>
4.4 Example Custom Configurations
4.4.1 Configuration with Policy Alternatives
4.4.2 Configuration with Policy Reference
Chapter 5: 
  5.1 Adding Security Header Elements
5.2 Order of Header Elements
Chapter 6: 
  6.1 Overview
6.2 Adding a Timestamp
6.3 Adding a Username Token
6.4 Timestamp and Username Token Example
Chapter 7: 
  7.1 Overview of Encryption
7.2 Encrypting the SOAP Body
7.2.1 Variation: Using Information That Identifies the Certificate
7.2.2 Variation: Using a Signed SAML Assertion
7.3 Message Encryption Examples
7.4 Specifying the Block Encryption Algorithm
7.5 Specifying the Key Transport Algorithm
Chapter 8: 
  8.1 Encrypting Security Header Elements
8.2 Basic Examples
Chapter 9: 
  9.1 Overview of Digital Signatures
9.2 Adding a Digital Signature
9.2.1 Example
9.3 Other Ways to Use the Certificate with the Signature
9.3.1 Variation: Using Information That Identifies the Certificate
9.3.2 Variation: Using a Signed SAML Assertion
9.4 Applying a Digital Signature to Specific Message Parts
9.5 Specifying the Digest Method
9.6 Specifying the Signature Method
9.7 Specifying the Canonicalization Method for <KeyInfo>
9.8 Adding Signature Confirmation
Chapter 10: 
  10.1 Overview
10.2 Creating and Adding a <DerivedKeyToken>
10.2.1 Variation: Creating an Implied <DerivedKeyToken>
10.2.2 Variation: Referencing the SHA1 Hash of an <EncryptedKey>
10.3 Using a <DerivedKeyToken> for Encryption
10.4 Using a <DerivedKeyToken> for Signing
Chapter 11: 
  11.1 Signing and Then Encrypting with Asymmetric Keys
11.2 Encrypting and Then Signing with Asymmetric Keys
11.3 Signing and Then Encrypting with Symmetric Keys
11.3.1 Using <DerivedKeyToken> Elements
11.4 Encrypting and Then Signing with Symmetric Keys
11.5 Order of Security Header Elements
Chapter 12: 
  12.1 Overview
12.2 Validating WS-Security Headers
12.3 Accessing a SAML Assertion in the WS-Security Header
12.4 CSP Authentication and WS-Security
12.5 Retrieving a Security Header Element
12.6 Checking the Signature Confirmation
Chapter 13: 
  13.1 Overview
13.2 Starting a Secure Conversation
13.3 Enabling a Caché Web Service to Support WS-SecureConversation
13.4 Using the <SecurityContextToken>
13.5 Ending a Secure Conversation
Chapter 14: 
  14.1 Sending a Sequence of Messages from the Web Client
14.2 Signing the WS-ReliableMessaging Headers
14.2.1 Signing the Headers with the SecurityContextToken
14.2.2 Signing the Headers When Signing the Message
14.3 Modifying a Web Service to Support WS-ReliableMessaging
14.4 Controlling How the Web Service Handles Reliable Messaging
Chapter 15: 
  15.1 Overview
15.2 Basic Steps
15.2.1 Variation: Not Using a <BinarySecurityToken>
15.2.2 Variation: Creating an Unsigned SAML Assertion
15.3 Adding SAML Statements
15.4 Adding a <Subject> Element
15.5 Adding a <SubjectConfirmation> Element
15.5.1 <SubjectConfirmation> with Method Holder-of-key
15.5.2 <SubjectConfirmation> with Method Sender-vouches
15.5.3 <SubjectConfirmation> with <EncryptedKey>
15.5.4 <SubjectConfirmation> with BinarySecret as Holder-of-key
15.6 Adding a <Conditions> Element
15.7 Adding <Advice> Elements
Chapter 16: 
  16.1 Information Needed for Troubleshooting
16.2 Possible Errors
16.3 Items to Check in the Event of Security Errors
Appendix A: 
  A.1 <BinarySecurityToken>
A.1.1 Details
A.1.2 Position in Message
A.2 <EncryptedKey>
A.2.1 Details
A.2.2 Position in Message
A.3 <EncryptedData>
A.3.1 Details
A.3.2 Position in Message
A.4 <Signature>
A.4.1 Details
A.4.2 Position in Message
A.5 <DerivedKeyToken>
A.5.1 Details
A.5.2 Position in Message
A.6 <ReferenceList>
A.6.1 Details
A.6.2 Position in Message