The WS-Security standard provides a different approach to Web service security.
WS - Security标准为Web服务安全提供了不同的方法。
Use the WebSphere Application Server console to disable web service security policies for the sample service.
使用WebSphereApplicationServer控制台禁用示例服务的Web服务安全策略。
Using the WebSphere Application Server console to configure the web service Security policies for a sample service.
使用WebSphereApplicationServer控制台为示例服务配置Web服务安全策略。
Future tutorials in the series will cover DB2 trusted context, Web service security, and Web service atomic transactions.
本系列的后续教程将介绍DB 2受信任上下文、Web服务安全和Web服务原子事务。
As Figure 1 shows, WS-Security is a Web Service security standard on which other Web Services security standards are built.
如图1所示,WS - Security是一个Web服务安全性标准,其他的Web服务安全性标准构建在它的上面。
In the next section, we discuss the problems that arise with DB2 Web Service provider security and show how to address this in WebSphere.
在下一节中,我们讨论DB 2Web服务提供者安全性所引起的问题,并展示如何在WebSphere中解决这些问题。
The problems of an administrator who sets up security for the DB2 Web Service provider are the problem of identification and authentication, which we have already mentioned.
为DB 2Web服务提供者设置安全性的管理员的问题是识别和认证的问题,这个我们已经提到过。
The sample Web service provider application is configured to use WS-Security with a lightweight Third Party Authentication (LTPA) token.
实例Web服务提供者应用程序配置为通过轻量级第三方认证(Lightweight Third Party Authentication,LTPA)令牌使用WS-Security。
In all these scenarios, you can use the higher-level Web service protocols such as WS-Addressing and WS-Security, which give you flexible routing schemes and secure interactions, respectively.
在所有这些场景中,您可以使用诸如ws - Addressing和WS - Security等高级Web服务协议,这些协议分别为您提供灵活的路由方案和安全的交互。
Other samples provided with WSDK deal with more advanced Web services, including Web services built from EJB components and Web services which use Security between the client and the Web service.
与WSDK一起提供的其他样本程序涉及更高级的Web服务,包括从ejb组件构建的Web服务,以及在客户机和Web服务之间使用安全性的Web服务。
If this is the case, you can be confident that the client user identity is being successfully propagated to the Web service provider application using WS-Security.
如果是这样,则可以确信客户机用户标识使用WS - Security成功传播到了Web服务提供者应用程序。
The provider gateway will take this DN and propagate it to the Web service provider in an LTPA token inside a WS-Security header.
提供者网关将采用此DN,并将其传播给WS安全标头中ltpa令牌中的Web服务提供者。
Since the client was configured to read the WS-Policy and use it to configure the client's WS-Security settings, the Web service invoke failed.
由于客户端被配置为读取WS-Policy并使用它配置客户端的WS-Security设置,因此Web服务调用会失败。
When the EchoService issues a response, it is sent to the DataPower Web Service Proxy to add the specified security attributes.
当EchoService 发出响应时,会将其发送到DataPowerWeb服务代理添加指定的安全属性。
Define the credentials needed to access the Web service using the Security Tab, as shown in Figure 14.
使用Security选项卡定义访问Web服务所需的凭证,如图14所示。
Make sure you understand the security requirements for accessing your Web service.
确保您充分理解了访问您的Web服务的安全性需求。
This security layer would encapsulate a Web service.
这个安全层可以封装一个Web服务。
Aside from tagging and traceability, consider adding the different automation, performance, security testing, and Web service testing tasks to your schedule and estimates.
除了标签和追踪性,考虑一下向您的日程表和估计添加不同的自动化,性能,安全性测试以及Web服务测试任务。
Let's take a look at three containers, each of which is associated with a response type that you could use in describing application security vulnerability in a Web service.
让我们检查一下三种容器,其中任意一种都与您在Web服务中用于描述应用程序安全漏洞的响应类型相关。
Interoperable Web services can make those security solutions available to product and service providers as a kind of utility.
可互操作的Web服务可以将那些安全性解决方案用作产品和服务供应商的一类实用程序。
This means that all requests against the Web service interface must contain a security token, which represents a valid user authentication.
这意味着对Web服务接口的所有请求必须包含一个安全令牌,安全令牌代表有效的用户凭证。
WS-Security is a standard for adding security to SOAP Web service message exchanges (see Resources).
WS - Security是向SOAPWeb服务消息交换添加安全性的一种标准(见参考资料)。
If you need to, you can also import security certificates and create SOAP security configurations with security algorithms for the Web service calls and message returns.
如果您需要,您还可以导入安全认证,并且用对于Web服务调用和消息返回的安全算法来创建SOAP安全认证。
The gateway can even use WS-Security to pass the context back to the service implementation, if the transport between the gateway and service provider supports SOAP and Web services security.
如果网关和服务提供者之间的传输支持SOAP和Web服务安全,网关甚至可以使用WS - Security将上下文传回到服务实现。
The client has a set of SAML policy set and bindings for configuring message level security for communications with the web service provider.
客户端有一组SAML策略集和绑定,用于配置消息级安全性,以便与Web服务提供者进行交互。
Invocation of Data Web Service operations can be enabled for security using a J2EE security scheme, which is transport-level security.
可以使用一种J2EE安全性机制,即传输级别安全性,为DataWeb Service操作的调用启用安全支持。
This includes the need for security in a non-authenticating environment (e.g., a stateless Web service).
这包括对非验证环境(例如,无状态的Web服务)中的安全的需求。
If you decide on a dedicated security monitoring Web service as the host, keep in mind that this is not the same thing as a centralized security monitoring Web service.
如果您决定采用作为主机的专用安全监视Web服务,务必记住这与集中的安全监视Web服务不是同一回事。
This scenario may be helpful in understanding the facets of a fully configured web service client application to be used for security processing.
此场景对于理解安全处理所使用的完全配置的Web服务客户机应用程序非常有帮助。
WS-Security provides a comprehensive set of security features for web service applications, building on established industry standards for cryptography and for XML encryption and signing.
WS - Security构建于成熟的密码学以及xml加密及签名的行业标准基础上,为Web服务应用程序提供了一整套的安全特性。
应用推荐