Desp 4

Creating a virtual server to manage HTTPS
traffic............................................. 121
Creating a simple security
policy.........................................................................121
Creating an access
profile............................................................................
.......122
Configuring an access
policy.............................................................................
. 124
Adding the access profile to the virtual
server.................................................... 125
Setting up ASM session tracking with
APM........................................................ 125
Monitoring user and session
information............................................................ 127
Mitigating Open
Redirects..........................................................................
........................... 129
Overview: Mitigating open
redirects..........................................................................
.....129
Mitigating open
redirects..........................................................................
........... 129
Adjusting how open redirects are
learned...........................................................130
Enforcing redirection
domains............................................................................
.131
Implementation
results............................................................................
.......................131
Setting Up Cross-Domain Request
Enforcement................................................................ 133
About cross-domain request
enforcement.....................................................................
133
Setting up cross-domain request
enforcement....................................................133
Replacing CORS headers in
requests................................................................ 134
How cross-domain request enforcement
works.................................................. 136
Implementing Web Services
Security...........................................................................
........139
Overview: Implementing web services
security............................................................. 139
About client and server
certificates.....................................................................
139
Adding client and server
certificates................................................................... 139
Enabling encryption, decryption, signing, and verification of SOAP messages.. 140
Writing XPath
queries............................................................................
..............142
Configuring blocking actions for web services
security....................................... 143
Fine-tuning Advanced XML Security Policy
Settings..........................................................145
Fine-tuning XML defense
configuration......................................................................
... 145
Advanced XML defense configuration
settings ............................................................. 145
Masking sensitive XML
data...............................................................................
........... 147
Overriding meta characters based on
content............................................................... 148
Managing SOAP
methods............................................................................
..................148
Adding JSON Support to an Existing Security
Policy.........................................................151
Overview: Adding JSON support to existing security
policies........................................151
Creating a JSON
profile............................................................................
.......... 151
Associating a JSON profile with a
URL...............................................................152
Associating a JSON profile with a
parameter......................................................153
Implementation
result.............................................................................
........................154
Creating Security Policies for AJAX
Applications...............................................................155
Application security for applications that use
AJAX....................................................... 155
Overview: Creating a security policy for applications that use
AJAX............................. 155
Creating a simple security
policy.........................................................................155
Implementation
result.............................................................................
.............156
Overview: Adding AJAX blocking and login response
behavior.....................................156
Configuring the blocking response for AJAX
applications...................................157

Desp 4

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Desp 4

Uploaded by

Copyright:

Available Formats

Creating a virtual server to manage HTTPS

You might also like