Course Summary:
Apache Rampart is an Axis2 module that supports various service security standards. This 3-hour course is designed to give the participants an in-depth view into the security concepts introduced in Apache Rampart/Java.
Course Objectives:
- Understanding WS-Security concepts
- Understanding WS-Trust and WS-Secure Conversation
- Using Apache Rampart to meet different security requirements
Duration:
- 3 hours
Audience:
- Advanced users who have had substantial exposure to Apache Rampart
Prerequisites:
- Substantial knowledge in security implementations in Apache; WSS4J and Rampart.
- Basic understanding of WS-Security Policy and WS-Security 1.0
- A good knowledge of XML and SOAP
Program:
- Apache Implementations – WSS4J and Rampart
- Apache WSS4J Architecture
- Apache Rampart Architecture
- WS-Security Policy
- WS Security 1.1
- Signature confirmation
- Header encryption
- Thumbprint reference
- EncryptedKey reference
- Trust Brokering with WS-Trust
- How to configure a Security Token Service
- Using an issued token as a supporting token
- Using JavaScript to transform XML
- Using an issued token as a protection token
- Secure multiple messages with WS-Secure Conversation
- Demonstration
- Security policy samples
- WS Security 1.1. samples
- WS Trust samples
- WS Secure Conversation samples