Web Services Security Considerations in Java

Course:  WSSEC
Duration:  1 Day
Level:  II
Course Summary

This course teaches experienced Java Web Service programmers how to secure web services using Java. Using tools such as RAD and WebSphere Application Server, the student will learn how to use Digit Signatures, Encryption, and Security tokens. Best practices will bediscussed along with third party frameworks like Rampart.

« Hide The Details
Topics Covered In This Course


Typical scenario for WS-Security

  • Authentication
  • Integrity and confidentiality

Establishing a security context

Features of WS-Security in Application Server

  • Supported specifications
  • Unsupported specifications

Extensions in WebSphere Application Server

Architecture and deployment model

  • High-level architecture
  • Configuration structure

Development of WS-Security

  • RAD Step-by-Step for digital signatures, encryption, and security tokens.
  • How to define WS-Security configuration
  • Generating sample key stores
  • Authentication
  • Integrity
  • Confidentiality
  • Adding a security timestamp

Testing on WebSphere Application Server

  • Enabling security on the server
  • Enabling the TCP/IP Monitor
  • Testing the application with WS-Security
  • Debugging and tracing
  • Typical errors

Generating WS-Security Sample Configurations

  • Running the Web Service wizard with security
  • Scenario to generate and modify security definitions
  • Modifying generated definitions to use own key stores
  • Adding authentication and timestamp

Configuring WS-Security on an Application Server

  • Modifying binding configurations
  • Adding a custom JAAS configuration
  • Configuring certificate caching
What You Can Expect

At the end of the course, students will be able to:

  • Understand Web Service security options.
  • Design and implement secure web services.
  • Use RAD to create digital signatures, encrypt messages and add security tokens.
  • Configure WebSphere Application to develop, test and deploy secure web services.
  • Troubleshoot security problems.
Who Should Take This Course

This course is designed for experienced Java Web Service programmers.

Recommended Prerequisites

One or more years in developing Java Web Services.

Training Style

Lecture (50%) / Workshop (50%)

« Hide The Details
Related Courses
Code Course Title Duration Level
Java Web Security
4 Days

Every student attending a Verhoef Training class will receive a certificate good for $100 toward their next public class taken within a year.

You can also buy "Verhoef Vouchers" to get a discounted rate for a single student in any of our public or web-based classes. Contact your account manager or our sales office for details.

Schedule For This Course
There are currently no public sessions scheduled for this course. We can schedule a private class for your organization just a couple of weeks from now. Or we can let you know the next time we do schedule a public session.
Notify me the next time this course is confirmed!
Can't find the course you want?
Call us at 800.533.3893, or
email us at [email protected]