Securing Web Services
- Securing Web Services with SOAP
- Tools in InterSystems IRIS Relevant to SOAP Security
- A Brief Look at the WS-Security Header
- SOAP Security Standards
- Setup and Other Common Activities
- Performing Setup Tasks
- Retrieving Credential Sets Programmatically
- Specifying the SSL/TLS Configuration for the Client to Use
- Creating and Using Policies
- Overview
- Creating and Attaching Policies
- Editing the Generated Policy
- Adding a Certificate at Runtime
- Specifying a Policy at Runtime
- Suppressing Compilation Errors for Unsupported Policies
- WS-Policy Configuration Class Details
- Configuration Class Basics
- Adding InterSystems Extension Attributes
- Details for the Configuration XData Block
- Example Custom Configurations
- Adding Security Elements Manually
- Adding Timestamps and Username Tokens
- Encrypting the SOAP Body
- Overview of Encryption
- Encrypting the SOAP Body
- Message Encryption Examples
- Specifying the Block Encryption Algorithm
- Specifying the Key Transport Algorithm
- Encrypting Security Header Elements
- Adding Digital Signatures
- Overview of Digital Signatures
- Adding a Digital Signature
- Other Ways to Use the Certificate with the Signature
- Applying a Digital Signature to Specific Message Parts
- Specifying the Digest Method
- Specifying the Signature Method
- Specifying the Canonicalization Method for <KeyInfo>
- Adding Signature Confirmation
- Using Derived Key Tokens for Encryption and Signing
- Overview
- Creating and Adding a <DerivedKeyToken>
- Using a <DerivedKeyToken> for Encryption
- Using a <DerivedKeyToken> for Signing
- Combining Encryption and Signing
- Signing and Then Encrypting with Asymmetric Keys
- Encrypting and Then Signing with Asymmetric Keys
- Signing and Then Encrypting with Symmetric Keys
- Encrypting and Then Signing with Symmetric Keys
- Order of Security Header Elements
- Validating and Decrypting Inbound Messages
- Overview
- Validating WS-Security Headers
- Accessing a SAML Assertion in the WS-Security Header
- Instance Authentication and WS-Security
- Retrieving a Security Header Element
- Checking the Signature Confirmation
- Creating Secure Conversations
- Overview
- Starting a Secure Conversation
- Enabling an InterSystems IRIS Web Service to Support WS-SecureConversation
- Using the <SecurityContextToken>
- Ending a Secure Conversation
- Using WS-ReliableMessaging
- Sending a Sequence of Messages from the Web Client
- Signing the WS-ReliableMessaging Headers
- Modifying a Web Service to Support WS-ReliableMessaging
- Controlling How the Web Service Handles Reliable Messaging
- Creating and Adding SAML Tokens
- Overview
- Basic Steps
- Adding SAML Statements
- Adding a <Subject> Element
- Adding a <SubjectConfirmation> Element
- Adding a <Conditions> Element
- Adding <Advice> Elements
- Troubleshooting Security Problems
- Information Needed for Troubleshooting
- Possible Errors
- Items to Check in the Event of Security Errors
- Details of the Security Elements