1-877-WEBUCATE
(1-877-932-8228)
info@webucator.com
 
Microsoft Training
Java Training
XML Training
Database & SQL Training
PHP, Perl, ASP, Groovy, Grails, Ruby on Rails Training
HTML, JavaScript, Ajax & CSS Training
Adobe CS3 Training
◊ PRIVATE JAVA WEB SERVICES TRAINING

Need a private class for your team delivered at your site or a location near you?
For private groups of three or more, Webucator offers completely customizable and cost-effective Java Web Services classes delivered at your offices or a location near you.

To have someone contact you about these classes, please fill out the form below.

* (Required)
* (Required)
* (Required)
* (Required)
* (Required)
(The number of people requiring training)
(For Federal Government Pricing)
* (Required)

Securing Java Web Services Training (4 days)

This Java Web Services class is delivered for private groups onsite at your offices or a location of your choice. It can also be delivered via the Internet for geographically distributed staff.

Securing Java Web Services Overview

This advanced course introduces Java developers to key technology for developing secure Web services. Specifically, we focus on XML signature and encryption standards, the WS-Security specification and token profiles, and the Security Assertions Markup Language (SAML). Students practice signing and encrypting XML message content, and configuring J2EE tools to support signature and encryption of SOAP messages under the Java API for XML-Based RPC (JAX-RPC).

The course emphasizes hands-on exercise, and students will spend roughly half of their classroom time solving specific security problems. Some early labs on XML signature and encryption work to local files; but the bulk of the work is with running JAX-RPC web services: adding WS-Security headers, signing and encrypting message content, and passing SAML assertions among various parties to a messaging scenario.

Although for practical purposes this course relies on a specific platform -- Java and J2EE -- much of the course content teaches interoperable specifications and would be equally useful to developers working on other Web-service-capable platforms such as .NET.

Securing Java Web Services Course Goals

  • Understand the unique challenges in securing interoperable XML-based services.
  • Apply W3C standards to digitally sign and encrypt XML fragments and documents.
  • Understand the importance of the WS-Security specifications to interoperably secure messaging.
  • Use emerging Java APIs to configure or implement signature, encryption, and various WS-Security header content for Java Web services.
  • Exchange security information between servers, applications, and components, using SAML assertion and protocol models.

Securing Java Web Services Course Prerequisites

Experience in the following areas is required:

  • Solid Java programming experience is essential;
  • Experience developing Java Web services is assumed
  • Students are expected to be able to read and write XML fluently, and have some familiarity with XML Schema. Consider courses

Securing Java Web Services Course Outline

  1. Web-Service Security
    1. Security for Web Services
    2. Threats
    3. Technology and Techniques
    4. Solution Levels
    5. HTTP Solutions
    6. The World-Wide Web Consortium
    7. XML Solutions
    8. Encryption
    9. Hashing
    10. Signature
    11. OASIS
    12. Web-Services Solutions
    13. Technology Stacks: WS-Federation and Liberty Alliance
    14. WS-Security
    15. SAML
  2. HTTP Security
    1. HTTP Authentication Schemes
    2. HTTP BASIC
    3. HTTP DIGEST
    4. Securing Web-Service URLs
    5. HTTPS
    6. JAX-RPC Support
    7. Axis Support
  3. XML Signature
    1. XML Digital Signature
    2. Canonical XML
    3. Enveloped, Enveloping, and Detached Signatures
    4. SignedInfo and References
    5. The Java Cryptography Architecture
    6. Keystores
    7. keytool
    8. X.509 Certificates
    9. The KeyStore API
    10. Java XML Digital Signature API
    11. Steps to Sign and Verify XML Content
    12. JAX-RPC Message Handlers
    13. Foiling the Man in the Middle
  4. XML Encryption
    1. XML Encryption
    2. EncryptedData
    3. Element vs. Content Encryption
    4. Encrypted Keys
    5. The Java Cryptography Extensions
    6. Apache XML Security
    7. Steps to Encrypt and Decrypt XML Content
  5. WS-Security
    1. The WS-Security Specifications
    2. Relationship to W3C Specifications
    3. Security Tokens
    4. Timestamps
    5. Tools for WS-Security
    6. Integrating into JAX-RPC Services and Clients
  6. Securing Web Services
    1. Practical Use of WS-Security
    2. Foiling Replay Attacks
    3. Dynamic Security Policies
  7. The Security Assertions Markup Language
    1. History of SAML
    2. Goals and Non-Goals
    3. Authorities
    4. Assertions
    5. Protocol
  8. SAML Assertions
    1. The Assertions Schema
    2. Extensibility
    3. Assertions and Subjects
    4. NameIdentifiers and SubjectConfirmations
    5. AuthenticationStatements
    6. AttributeStatements
    7. AuthorizationDecisionStatements
    8. Actions and Evidence
    9. SAML Tokens
    10. OpenSAML
    11. Signing SAML Assertions
  9. SAML Protocol
    1. SAML Messaging
    2. The SAML Protocol Schema
    3. Request Types
    4. Response Types
    5. Status and StatusCode
    6. AuthenticationQuery
    7. AttributeQuery
    8. AuthorizationDecisionQuery
    9. SAML as the Substance

Securing Java Web Services Course Materials

In addition to a comprehensive set of materials, including course notes and all the programming examples, each student will also receive a one-year subscription to Webucator's online reference library, which contains hundreds of the most current electronic technology books - a $149.95 per student value.

Securing Java Web Services Technical Requirements

Complete Setup Instructions

home - onsite classes - instructor-led online courses - self-paced online courses - why webucator - partners - contact - sitemap
© 2007 Webucator. All rights reserved. info@webucator.com | Toll Free: 877-WEBUCATE (877-932-8228) | From Outside the USA: 315-446-0560 | Fax: 315-410-5320
Phoenix, AZ | Santa Clara, CA | Santa Clara, CA | Los Angeles, CA | Sacramento, CA | Washington, DC | Atlanta, GA | Chicago, IL | Indianapolis, IN | Muncie, IN
New Orleans, LA Boston, MA | Cambridge, MA | Charlestown, MA | Framingham, MA | Ipswich, MA | Lincoln, MA | Wellesley, MA | Worcester, MA | Bangor, ME | Detroit, MI
Raleigh, NC Winston-Salem, NC | Lincoln, NE | East Hanover, NJ | Eatontown, NJ | Madison, NJ | Parsippany, NJ | Trenton, NJ | Albany, NY | Buffalo, NY | Rochester, NY
New York City, NY | Syracuse, NY | West Babylon, NY | Dayton, OH | Bethlehem, PA | Philadelphia, PA | Pittsburgh, PA | Pittsburgh, PA | State College, PA
Middletown, RI | Rapid City, SD | Austin, TX | Dallas, TX | Houston, TX | Arlington, VA | McLean, VA | Seattle, WA | Toronto, Canada | Ottawa, Canada | Calgary, CA