Professional Documents
Culture Documents
Services, Java EE 6
Student Guide
DWS-4120-EE6 Rev B
D66105GC10
Edition 1.0
June 2010
D67630
Copyright © 2010, Oracle and/or its affiliates. All rights reserved.
Disclaimer
This document contains proprietary information, is provided under a license agreement containing restrictions on use and
disclosure, and is protected by copyright and other intellectual property laws. You may copy and print this document solely for
your own use in an Oracle training course. The document may not be modified or altered in any way. Except as expressly
permitted in your license agreement or allowed by law, you may not use, share, download, upload, copy, print, display,
perform, reproduce, publish, license, post, transmit, or distribute this document in whole or in part without the express
authorization of Oracle.
The information contained in this document is subject to change without notice. If you find any problems in the document,
please report them in writing to: Oracle University, 500 Oracle Parkway, Redwood Shores, California 94065 USA. This
document is not warranted to be error-free.
This training manual may include references to materials, offerings, or products that were previously offered by Sun
Microsystems, Inc. Certain materials, offerings, services, or products may no longer be offered or provided. Oracle and its
affiliates cannot be held responsible for any such references should they appear in the text provided.
If this documentation is delivered to the U.S. Government or anyone using the documentation on behalf of the U.S.
Government, the following notice is applicable:
Trademark Notice
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective
owners.
This page intentionally left blank.
This page intentionally left blank.
Contents
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxviii
Principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3
Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7
v
CONTENTS CONTENTS
WS-Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7
WS-Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9
WS-Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-13
WS-ReliableMessaging . . . . . . . . . . . . . . . . . . . . . . . . . 4-23
WS-Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8
WS-Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12
WS-Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20
WS-ReliableMessaging . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-46
WS-AtomicTransactions . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-49
SAAJ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3
JAAS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11
OpenSSO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-11
SAML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-7
- vii
Copyright 2010 Sun Microsystems, Inc. All rights reserved. DWS-4120-EE6 Rev. B.0
CONTENTS CONTENTS
ix
LIST OF FIGURES LIST OF FIGURES
- xi
Copyright 2010 Sun Microsystems, Inc. All rights reserved. DWS-4120-EE6 Rev. B.0
LIST OF FIGURES LIST OF FIGURES
- xiii
Copyright 2010 Sun Microsystems, Inc. All rights reserved. DWS-4120-EE6 Rev. B.0
LIST OF FIGURES LIST OF FIGURES
A.12 SSO Scenarios – SP-initiated flow with redirect and POST bind-
ings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-22
- xv
Copyright 2010 Sun Microsystems, Inc. All rights reserved. DWS-4120-EE6 Rev. B.0
LIST OF FIGURES LIST OF FIGURES
xvii
LIST OF TABLES LIST OF TABLES
xix
LIST OF CODE EXAMPLES LIST OF CODE EXAMPLES
- xxi
Copyright 2010 Sun Microsystems, Inc. All rights reserved. DWS-4120-EE6 Rev. B.0
LIST OF CODE EXAMPLES LIST OF CODE EXAMPLES