Table of Contents
- Title and Copyright Information
- Preface
- 1 WebLogic Security Programming Overview
-
2
Securing Web Applications
- Authentication With Web Browsers
- Multiple Web Applications, Cookies, and Authentication
-
Developing Secure Web Applications
- Developing BASIC Authentication Web Applications
- Understanding BASIC Authentication with Unsecured Resources
- Developing FORM Authentication Web Applications
- Using Identity Assertion for Web Application Authentication
- Using Two-Way SSL for Web Application Authentication
- Providing a Fallback Mechanism for Authentication Methods
- Developing Swing-Based Authentication Web Applications
- Deploying Web Applications
- Using Declarative Security With Web Applications
- Web Application Security-Related Deployment Descriptors
- Using Programmatic Security With Web Applications
- Authenticating Users Programmatically
- 3 Using JAAS Authentication in Java Clients
-
4
Using SSL Authentication in Java Clients
- JSSE and WebLogic Server
- Using JNDI Authentication
- SSL Certificate Authentication Development Environment
-
Writing Applications that Use SSL
- Communicating Securely From WebLogic Server to Other WebLogic Servers
- Writing SSL Clients
- Using Two-Way SSL Authentication
- Using a Custom Host Name Verifier
- Using a Trust Manager
- Using the CertPath Trust Manager
- Using a Handshake Completed Listener
- Using an SSLContext
- Using URLs to Make Outbound SSL Connections
- SSL Client Code Examples
-
5
Securing Enterprise JavaBeans (EJBs)
- Java EE Architecture Security Model
- Using Declarative Security With EJBs
-
EJB Security-Related Deployment Descriptors
- ejb-jar.xml Deployment Descriptors
-
weblogic-ejb-jar.xml Deployment Descriptors
- client-authentication
- client-cert-authentication
- confidentiality
- externally-defined
- identity-assertion
- iiop-security-descriptor
- integrity
- principal-name
- role-name
- run-as-identity-principal
- run-as-principal-name
- run-as-role-assignment
- security-permission
- security-permission-spec
- security-role-assignment
- transport-requirements
- Using Programmatic Security With EJBs
- 6 Using Network Connection Filters
- 7 Using Java Security to Protect WebLogic Resources
-
8
SAML APIs
- SAML API Description
- Custom POST Form Parameter Names
- Creating Assertions for Non-WebLogic SAML 1.1 Relying Parties
-
Configuring SAML SSO Attribute Support
- What Are SAML SSO Attributes?
- APIs for SAML Attributes
- SAML 2.0 Basic Attribute Profile Required
- Passing Multiple Attributes to SAML Credential Mappers
- How to Implement SAML Attributes
- Examples of the SAML 2.0 Attribute Interfaces
- Examples of the SAML 1.1 Attribute Interfaces
- Make the Custom SAML Credential Attribute Mapper Class Available in the Console
- Make the Custom SAML Identity Asserter Class Available in the Console
- 9 Using CertPath Building and Validation
- 10 Using JASPIC for a Web Application
- 11 Using the Java EE Security API
- A Deprecated Security APIs