Web Services Security Considerations in Java

Course:   WSSEC
Duration:   1 Day
Level:   II
On our website at:   http://www.verhoef-training.com/courses/WSSEC.html
 
Course Summary

This course teaches experienced Java Web Service programmers how to secure web services using Java. Using tools such as RAD and WebSphere Application Server, the student will learn how to use Digit Signatures, Encryption, and Security tokens. Best practices will bediscussed along with third party frameworks like Rampart.

Topics Covered In This Course

Overview

Typical scenario for WS-Security

  • Authentication
  • Integrity and confidentiality

Establishing a security context

Features of WS-Security in Application Server

  • Supported specifications
  • Unsupported specifications

Extensions in WebSphere Application Server

Architecture and deployment model

  • High-level architecture
  • Configuration structure

Development of WS-Security

  • RAD Step-by-Step for digital signatures, encryption, and security tokens.
  • How to define WS-Security configuration
  • Generating sample key stores
  • Authentication
  • Integrity
  • Confidentiality
  • Adding a security timestamp

Testing on WebSphere Application Server

  • Enabling security on the server
  • Enabling the TCP/IP Monitor
  • Testing the application with WS-Security
  • Debugging and tracing
  • Typical errors

Generating WS-Security Sample Configurations

  • Running the Web Service wizard with security
  • Scenario to generate and modify security definitions
  • Modifying generated definitions to use own key stores
  • Adding authentication and timestamp

Configuring WS-Security on an Application Server

  • Modifying binding configurations
  • Adding a custom JAAS configuration
  • Configuring certificate caching
What You Can Expect

At the end of the course, students will be able to:

Who Should Take This Course

This course is designed for experienced Java Web Service programmers.

Recommended Prerequisites

One or more years in developing Java Web Services.

Training Style

Lecture (50%) / Workshop (50%)

Related Courses
Code Course Title Duration Level
JWSEC
Java Web Security
4 Days
II
Details

Every student attending a Verhoef Training class will receive a certificate good for $100 toward their next public class taken within a year.

You can also buy "Verhoef Vouchers" to get a discounted rate for a single student in any of our public or web-based classes. Contact your account manager or our sales office for details.