List of Listings

Chapter 2. Getting started with web services

Listing 2.1. A sample XML document

Listing 2.2. Extract from the XML schema describing a SOAP 1.1 envelope (this schema is sourced from http://schemas.xmlsoap.org/soap/envelope/ and is copyrighted by Martin Gudgin)

Listing 2.3. Locating a named child element under a given DOM element

Listing 2.4. A SOAP RPC request sent over HTTP

Listing 2.5. Example illustrating the use of multiRef in SOAP encoding

Listing 2.6. Example of a SOAP 1.1 Fault

Listing 2.7. Example of a SOAP 1.2 Fault

Listing 2.8. WSDL binding in action

Listing 2.9. Declaring a port type

Listing 2.10. Sample brokerage service

Listing 2.11. Service invocation using pregenerated stubs

Listing 2.12. Service invocation using dynamic proxy

Listing 2.13. Service invocation using DII

Listing 2.14. Command for generating a C# client stub

Listing 2.15. Sample C# client, BrokerageClient.cs, using the generated stub to retrieve a stock quote

Chapter 3. Extending SOAP for security

Listing 3.1. Simple SOAP header entry example to add sender information

Listing 3.2. SOAP Header element attributes

Listing 3.3. Extract from com.manning.samples.soasecimpl.example2.WSSecurityUsernameHandler: Reads a username from the WS-Security header and saves it in the MessageContext

Listing 3.4. Extract from com.manning.samples.soasecimpl.example2.Example2-SoapBindingImpl: Reads username from MessageContext and uses it as part of the business logic

Listing 3.5. Extract from com.manning.samples.soasecimpl.example2.ClientSideWSSecurityHandler: Writes username to the WS-Security header before it is sent

Listing 3.6. Axis Web Service Deployment Descriptor (WSDD) for a service with two handlers arranged in a chain

Listing 3.7. Configuring handlers on the client-side for clients using DII

Listing 3.8. Configuring handlers on the client-side for clients using Axis-generated stubs

Listing 3.9. WS-Addressing elements declare destination endpoint address whereas transport (HTTP) headers declare next hop address

Chapter 4. Claiming and verifying identity with passwords

Listing 4.1. Example of a security header with username and password

Listing 4.2. Client code adding username/password to context before invoking the service

Listing 4.3. Reading username/password from context and setting the UsernameToken in the security header entry

Listing 4.4. Logging in using JAAS API

Listing 4.5. JAAS CallbackHandler implementation to read username and password from MessageContext

Listing 4.6. Extract from a JAAS configuration file

Listing 4.7. Code extract from a JAAS login module

Listing 4.8. Extract from WSSecurityUsernameHandler: Reads username and password from the WS-Security header and saves them in the MessageContext

Listing 4.9. Example of a security header with a username and password digest

Listing 4.10. Initialization code in ClientSideWSSecurityHandler

Listing 4.11. Generating nonce

Listing 4.12. Generating the timestamp

Listing 4.13. Generating the transformed password

Listing 4.14. Generating the digest

Listing 4.15. Reading the nonce from the security header

Listing 4.16. Handling the callbacks for digest authentication

Listing 4.17. JAAS configuration for digest mechanism

Listing 4.18. NonceCheckJAASModule initialization

Listing 4.19. Getting the nonce information from the user

Listing 4.20. Verification that nonce is not repeated

Chapter 5. Secure authentication with Kerberos

Listing 5.1. Identifying the target service

Listing 5.2. Creating client credentials

Listing 5.3. Obtaining TGT via JAAS login and passing it via current access control context to ServiceTicketGrabber

Listing 5.4. ServiceTicketGrabber implementation

Listing 5.5. Validation of a service ticket received from a client

Listing 5.6. Use of BinarySecurityToken to carry a Kerberos service ticket

Listing 5.7. Extract from init method of ClientSideWSSecurityHandler

Listing 5.8. Adding a Kerberos service ticket as a BinarySecurityToken in the Security header

Listing 5.9. Code to copy a Kerberos service ticket in Security header to message context

Listing 5.10. Code to populate subject information post-login in GSSContextAcceptanceJAASModule

Listing 5.11. Code to dispose of GSSContext during logout

Chapter 6. Protecting confidentiality of messages using encryption

Listing 6.1. Creating a key pair and storing it in a key store using Java keytool

Listing 6.2. Inspecting the contents of a key store using Java keytool

Listing 6.3. Generating a CSR with Java keytool

Listing 6.4. SSL/TLS connector configuration in Tomcat

Listing 6.5. Exporting Tomcat’s digital certificate from its keystore and importing it into a client keystore

Listing 6.6. Dynamically generating a symmetric key and encrypting it using intended recipient’s public key

Listing 6.7. Header of a sample SOAP message using username/password–based authentication

Listing 6.8. Overview of SOAP header contents after encrypting the UsernameToken element shown in listing 6.7

Listing 6.9. A sample EncryptedData element

Listing 6.10. A sample EncryptedKey element

Listing 6.11. Replacing nodes to encrypt with EncryptedData elements

Listing 6.12. (Step 4a) Looking up the decrypting side’s certificate in the key store

Listing 6.13. (Step 4b) Encrypting the symmetric key used for encryption in step 3

Listing 6.14. (Step 4c) Instantiating the EncryptedKey class using the result of step 4b

Listing 6.15. (Step 4d) Adding ReferenceList to EncryptedKey

Listing 6.16. (Step 4e) Adding a reference to the recipient’s certificate to EncryptedKey

Listing 6.17. (Step 4f) Serializing the EncryptedKey instance as XML and prepending it to the Security header

Listing 6.18. (Step 1) Locating the relevant Security header entry

Listing 6.19. (Steps 3-7) Code for processing an EncryptedKey element

Chapter 7. Using digital signatures

Listing 7.1. Example of a signed SOAP message

Listing 7.2. Outline of a Signature entry in the WS-Security header

Listing 7.3. Example of SignedInfo element in a signature

Listing 7.4. Example of KeyInfo element in a signature

Listing 7.5. Encoding a certification path for use in a signature element

Listing 7.6. Creating a signature element and prepending it to the WS-Security header. The signature is not fully filled in.

Listing 7.7. Creating and adding a BinarySecurityToken that contains the sender’s certification path to the Security header entry

Listing 7.8. Populating KeyInfo in the Signature element

Listing 7.9. Adding a reference to each of the elements that need to be protected using signatures

Listing 7.10. Extension of Apache XML Security Library’s ResolverFragment class to resolve a wsu:Id identifier to an element bearing that identifier

Listing 7.11. Code in ServerSideWSSecurityHandler to handle elements of a Security header entry in the order they appear

Listing 7.12. Code to process BinarySecurityToken elements containing an X.509 certificate or certificate chain

Listing 7.13. Code to validate a certificate or a certificate chain

Listing 7.14. Code to validate a Signature element

Chapter 8. Implementing security as a service

Listing 8.1. A sample SAML assertion

Listing 8.2. A sample SAML assertion making an authentication statement

Listing 8.3. A sample SAML assertion making an attribute statement

Listing 8.4. A sample SAML assertion making an authorization decision statement

Listing 8.5. Code snippet from SAMLCreationHandler

Listing 8.6. Deployment descriptor for the ProxyService

Listing 8.7. Four possible signatures for methods that implement a message-style service in Axis

Listing 8.8. Code snippet from the ProxyService implementation

Listing 8.9. Code to process a SAML assertion with an authentication statement and set the authenticated subject information in message context

Listing 8.10. Structure of a request to an STS

Listing 8.11. Example of an RST element

Listing 8.12. Example of an RSTR element

Listing 8.13. Example of a request using SAML protocol over SOAP

Listing 8.14. Example of a response from a security service supporting the SAML protocol

Chapter 9. Codifying security policies

Listing 9.1. Makeup of a WS-Policy

Listing 9.2. Sample GetMetaData request

Listing 9.3. Sample response to a GetMetadata request

Listing 9.4. Attaching a policy to WSDL

Listing 9.5. Example of TransportBinding in WS-SecurityPolicy describing endpoint-level requirements

Listing 9.6. Example of SymmetricBinding in WS-SecurityPolicy describing endpoint-level requirements

Listing 9.7. Example of AsymmetricBinding in WS-SecurityPolicy describing endpoint-level requirements

Listing 9.8. Example of WS-SecurityPolicy assertions that describe message-level requirements

Appendix B. WS-SecureConversation

Listing B.1. Reuse of a previously established symmetric encryption key using WS-SecureConversation

Appendix C. Attaching and securing binary data in SOAP

Listing C.1. Example of an SwA message

Listing C.2. An example SOAP message serialized as a MIME message, in accordance with MTOM

Appendix D. Securing SAML assertions

Listing D.1. Example of a signature over a SAML assertion

Listing D.2. Example of AudienceRestrictionCondition

Listing D.3. Example of a subject with sender-vouches subject confirmation method

Listing D.4. Example of a subject with holder-of-key subject confirmation method

Listing D.5. Example of a signature whose KeyInfo points to a SAML assertion
