EduMaster, s.r.o., skoleni java/java-ee/ DWS-4120-EE5

Školení: DWS-4120-EE5

Developing Secure Java Web Services

Nejbližší termíny:

Kurz není v nejbližší době naplánován. Kontaktujte nás a pokusíme se Vám vyjít vstříc.

Podrobnosti:

The Developing Secure Java Web Services workshop provides business component and client developers with the information they need to design, implement, deploy, and maintain secure web services and web service clients using Java technology components and the Java Platform, Enterprise Edition 5 (Java EE 5 platform). Students learn about the need to secure web services and the challenges associated with web services security. Students also learn about prominent industry standards and initiatives developed to provide comprehensive security solutions for web services.In addition, students learn how to secure web services by using application-layer security, transport-layer security, and message-layer security. This comprehensive course also covers identity management concepts, drivers behind identity management solutions, and Sun Java System Access Manager functions. Students also learn how to secure web services by using the web services security providers in Sun Java System Access Manager 7.1. Students perform the course lab exercises by using the NetBeans Integrated Development Environment (IDE), Metro, Sun Java System Access Manager 7.1, and GlassFishStudents who can benefit from this course:Business component and client application developers, system integrators, IT architects, and other technical personnelJava EE 5 software developers planning on implementing and securing web servicesDevelopers interested in implementing Service Oriented Architecture (SOA) in their enterprise

Audience:

  • J2EE Developer
  • Java Developer
  • Java EE Developer

Objectives:

  • Identify the need to secure web services
  • List and explain the primary elements and concepts of application security
  • Outline the factors that must be considered when designing a web service security solution
  • Describe the issues and concerns related to securing web service interactions
  • Analyze the security requirements of web services
  • Identify the security challenges and threats in a web service application
  • Evaluate the tools and technologies available for securing a Java web service
  • Secure web services by using application-layer security, transport-layer security, and message-layer security
  • Describe the concept of identity and the drivers behind identity management solutions
  • Explain the role of Sun Java System Access Manager in securing web services
  • Secure web services by using WS-I BSP token profiles
  • Secure web services by using Liberty token profiles

Topics:

Encapsulating the Basics of Security

  • Summarize the characteristics of web services and analyze the impact on application security
  • Examine how the data exposed by a web service can impact its security requirements
  • Describe the security principles of web architecture
  • Describe the characteristics of application security
  • Describe the technologies used to implement application security
  • Identify the security issues in a web service model
  • Evaluate the security requirements of web services
  • Explore the Auction Application

Examining Web Services Security Threats and Countermeasures

  • Identify the security requirements of web services
  • List the features that are typically provided by a properly implemented security mechanism
  • List the security principles for web services
  • Identify the security challenges and threats in a web service application
  • Identify the technologies to address the security challenges in a web service application
  • Explain the need for a web services security model
  • Describe the primary mechanisms to secure web services
  • Examine Security Threats and Countermeasures

Overview of Web Services Security Solutions

  • Explain the web service framework
  • Explain the need to establish standards for web services security
  • Describe the various web services security solutions
  • Describe Project Metro
  • Define Web Services Interoperability Technology (WSIT)
  • Describe the Metro security specifications
  • Design Security for Web Services Applications

Securing Java Web Services Using Application-Layer and Transport-Layer Security

  • Identify the various methods to implement security in Java Platform, Enterprise Edition (Java EE platform) applications
  • Describe how to use Secure Sockets Layer (SSL) to secure a Java EE 5 web service application
  • Outline the security mechanisms used by Java EE 5 web-tier applications
  • State the functions of the Java EE 5 authentication service
  • Describe how to secure web services by using application-layer security and transport-layer security
  • Implement Application-Layer and Transport-Layer Security
  • Implement basic authentication for a web service
  • Implement transport-layer security for a web service

Securing Java Web Services Using Message-Layer Security

  • Describe how to attach policy assertions to a Web Services Description Language (WSDL) file
  • Describe the web services security technology in Metro
  • Explain the security specifications implemented by Metro
  • Describe how to configure web services security by using Metro
  • Describe how to configure web services security by using the NetBeans Metro plug-in
  • Describe how to configure GlassFish for message security
  • Describe how to enable application-specific web services security by using GlassFish
  • Describe how to enable message security in a client application by using GlassFish

Relating Web Services Security and Identity Management

  • Describe the need for identity management
  • Describe the business drivers for identity management
  • Describe the capabilities of Sun Java System Access Manager 7.1
  • Describe the components and features of Sun Java System Access Manager 7.1
  • Describe identity management support in NetBeans IDE
  • Describe how to install Sun Java System Access Manager 7.1
  • Install and Configure Access Manager
  • Install and configure Access Manager 7.1 Patch 1

Securing Web Services Using WS-I BSP Token Profiles

  • Explain the Security Assertion Markup Language (SAML)
  • Demonstrate SSO system flow by using SAML tokens
  • Describe how to configure SAML support on Access Manager
  • Describe how to enable SAML-based authentication to secure a web service client and a web service provider by using Access Manager
  • Describe how to secure web services by using WS-I BSP tokens
  • Secure web services using the WS-I BSP SAML-HolderOfKey security mechanism
  • Secure web services using the WS-I BSP UserNameToken security mechanism
  • Secure web services using the WS-I BSP X509Token security mechanism

Securing Web Services Using Liberty Token Profiles

  • Describe the network identity implementation
  • List and explain the web services security providers in Sun Java System Access Manager 7.1
  • Describe federated identity
  • Explain Liberty web services and Liberty process flow
  • Describe how to secure web services by using Liberty tokens
  • Secure web services using the LibertyBearerToken security mechanism
  • Secure web services using the LibertySAMLToken security mechanism
  • Secure web services using the LibertyX509Token security mechanism
Získané autorizace:



Ostatní partnerské organizace: