[Previous entry: "Frank Nimphius talks about disabling Forms builder security in 10g"] [Next entry: "Oracle VP database and server technology in Germany talks about Oracle patch schedules"]
Colin Maxwell talks about securing web services using JDev and WS-Security
November 11th, 2004 by Pete
Post to del.icio.us
Post to Furl
I noticed this evening when surfing around that a new Oracle related web log has been started by Colin Maxwell (I found his blog on Brian Duff's excellent orablogs website). I am always on the lookout for new Oracle and security information and Colin has provided this in one of hist posts yesterday entitled Securing Web Services using JDev and WS-Security.
This is an interesting post for me as I am not a JDeveloper expert so I am happy to learn. Colin discusses some new wizards that are available in JDeveloper 10.1.3. These include wizards to help users specify WS-Security, WS-Reliability and WS-Management. Colin takes us through a step-by-step guide showing how to spot the pitfalls that might occur when using JDevelopers wizards to secure a web service.
Colin starts with creating a simple web service which can be secured; he shows us how to use the example key store first and then fires up the WS-Security wizard and discusses each of the screens and choices in detail. Colin then goes on to show us how to deploy the secured web service to the oc4j server along with the key store. He does this with an EAR deployment file. He deploys the web service and goes on to create a web service client which uses the "create proxy wizard", finally he goes on to test the client after building it and confirms with a packet monitor that the transmission is signed and encrypted.
This is an excellent article, again it is available here.
