WSO2 AppServer 4.1.0

• Release Notes
• Contents
• Home

Downloads

• Releases

Documentation

• User Guide
• Architecture Guide
• Installation Guide
• Building Source
• Running Behind a Proxy
• Clustering Guide
• Changing Keys
• JMX Monitoring
• WebApp Deployment
• Data Services
• Carbon Apps
• Security Scenarios
• Class Loading

Samples

• Chad
• Commodity Quote
• Flickr
• JAXWS
• JiBX
• MTOM
• Mail
• STS
• Trader
• Tiny URL
• Metadata Exchange
• WS-Transfer
• XKMS
• JSON
• Client API
• WebApp

Resources

• Library
• Features

Get Involved

• Checkout Source
• Mailing Lists
• Issue Tracking

Project Info

• License
• Dependencies

[Download] | [Documentation Home] | [Release Note]

Default Security Scenarios

WSO2 AppServer makes it extremely easy to secure your Web Services by providing 15 pre-defined security scenarios. Normally if you try to secure a Web Service from the scratch, you have to write a WS-Security Policy document for your scenario and engage that policy into your Web Service. This can be very complex depending on your scenario. To make life easier for you, we've identified 15 most heavily used security scenarios and made those available by default in the WSO2 AppServer. All you have to do is to apply the most suitable security scenario into your service by going to "Security" link on your service dashboard. More information on security UI can be found here.

This document will provide you a more graphical explanation of each and every default security scenario supported by the WSO2 AppServer.

1. UsernameToken
   
   
   
   
2. Non-repudiation
   
   
   
   
3. Integrity
   
   
   
   
4. Confidentiality
   
   
   
   
5. Sign and encrypt - X509 Authentication
   
   
   
   
6. Sign and Encrypt - Anonymous clients
   
   
   
   
7. Encrypt only - Username Token Authentication
   
   
   
   
8. Sign and Encrypt - Username Token Authentication
   
   
   
   
9. SecureConversation - Sign only - Service as STS - Bootstrap policy - Sign and Encrypt , X509 Authentication
   
   
   
   
10. SecureConversation - Encrypt only - Service as STS - Bootstrap policy - Sign and Encrypt , X509 Authentication
    
    
    
    
11. SecureConversation - Sign and Encrypt - Service as STS - Bootstrap policy - Sign and Encrypt , X509 Authentication
    
    
    
    
12. SecureConversation - Sign Only - Service as STS - Bootstrap policy - Sign and Encrypt , Anonymous clients
    
    
    
    
13. SecureConversation - Sign and Encrypt - Service as STS - Bootstrap policy - Sign and Encrypt , Anonymous clients
    
    
    
    
14. SecureConversation - Encrypt Only - Service as STS - Bootstrap policy - Sign and Encrypt , Username Token Authentication
    
    
    
    
15. SecureConversation - Sign and Encrypt - Service as STS - Bootstrap policy - Sign and Encrypt , Username Token Authentication