Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Securing Java Web Services

Course Summary

The Securing Java Web Services training course is designed to demonstrate the knowledge needed to develop secure Web services.

The course begins by exploring the Java Application Programming Interface for Extensible Markup Language-based Remote Procedure Call (JAX-RPC) web services. Next, it describes how to add Web Services (WS)-Security headers, signing, and encrypting message content. The course concludes with a lesson on passing Security Assertion Markup Language (SAML) assertions among various parties to a messaging scenario.

Purpose
Learn how to secure Java-based web services.
Audience
Java Web Services developers needing to harden their service offerings.
Role
Software Developer
Skill Level
Advanced
Style
Workshops
Duration
4 Days
Related Technologies
Advanced Jakarta EE | Java | JPA | JSP | Web Development | Cybersecurity

 

Productivity Objectives
  • Describe the challenges of securing web services
  • Interpret the security standards used
  • Administer security authentication

What You'll Learn:

In the Securing Java Web Services training course, you'll learn:
  • Fundamentals
    • Why and what?
    • Characteristics of application security
    • Basic security mechanisms
  • Basic Security at the EE level
    • Role-based authentication
    • Specify security constraints
    • Programmatic security
    • Declarative security
  • Challenges with Securing XML-Based Services
    • Challenges and pitfalls
    • WS-I Basic Security Profile
    • Standards (WS-Security, wS-SecurityPolicy, SAML)
  • Using WS-Security
    • Define and analyze security
    • Asymmetric vs symmetric encryption
    • Sign messages and files
    • Encrypt files
  • Using WS-Policy
    • Define and analyze the policy
    • Create policies
    • Work with WS-SecurityPolicy
    • Attachment techniques
  • Authentication
    • XML Security Tokens
    • Signed Security Tokens (X.509 and Kuberos)
    • Unsigned security tokens
    • Utilize interceptors
  • Best Practices
“I appreciated the instructor's technique of writing live code examples rather than using fixed slide decks to present the material.”

VMware

Dive in and learn more

When transforming your workforce, it's important to have expert advice and tailored solutions. We can help. Tell us your unique needs and we'll explore ways to address them.

Let's chat

By filling out this form and clicking submit, you acknowledge our privacy policy.