Monday Jun 15, 2009
Wednesday May 27, 2009
Sunday Apr 06, 2008
By Jiandong Guo on Apr 06, 2008
I will give a talk in 2008 JavaOne together with Symon Chang of BEA.
Here is the information.
7:30 PM -8:20 PM
Java™ Technology for Web Services Secure Exchange: New WS-SX Standards in Action
WS-SecurityPolicy 1.2, WS-SecureConversation 1.3, and WS-Trust 1.3 are three new standards from the OASIS Web Services Secure Exchange (WS-SX) Technical Committee (TC). On top of OASIS WS-Security, these three new standards will enable developers on the Java™ platform to make enterprise Java technology-based web services applications more efficient and more secure in a large, distributed service-oriented architecture (SOA) environment.
This session delves into the Oasis WS-SX standards and discusses the web services security essentials for enterprise technology developers on the Java platform. It presents best practices for end-to-end interoperability and security scenarios and recommends the best strategy for deploying WS-Security together with WS-SecurityPolicy, WS-SecureConversation, and WS-Trust. It provides guidance for how these technologies should be used in the real world.
The presentation also discusses issues of interoperability among different vendors on different platforms with these three security exchanges and makes recommendations on how to ensure interoperability with various web services security scenarios.
Attendees who have a basic knowledge of web services, SOA, and WS-\* standards and want to implement web services security will benefit the most from this session. The speakers are WS-SX TC members with expertise in the web services security arena. They are ready to answer any deep technical questions on fields related to Java platform and web services security.
- Introduction to Oracle Web Services and Web Services Manager
- Oracle Web Services Manager
- Security Token Service and Identity Delegation with Metro
- Metro 2.0 and Beyond
- Handling Claims with Metro STS II
- ActAs and Credential Delegation: update
- Token Caching and Sharing, Single Sign On Among Services II: token life time
- ActAs and Credential Delegation III: Common Issues
- ActAs and Credential Delegation II: Secure Conversation with STS