Share |

WS-Security Core Specification

The current version of WS-Security core specification is 1.1 which can be downloaded here

. WS-security has strived to be extensible so that it can server the basic need of different security models which includes:

Multiple security token formats
Multiple trust domains
Multiple signature formats
Multiple encryption technologies
End-to-end message content security and not just transport-level security

What WS-security does is that it specifies a format in which the security information is sent. The information is sent as part of SOAP header. WS-security does not deals with the implementaion details like how the authentication context needs to be set up. In simple terms, WS-security tells that how to specify the security details in the SOAP header. People have been doing custom security handling by introducing their own headers. However this leads to non standardization and tools and frameworks cannot help out. WS-security supports both SOAP 1.1 and 1.2 version.

WS-security supports the following namespaces:

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity263secext-1.0.xsd
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity265utility-1.0.xsd
http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd

All the information about security is put in SOAP header in a security element


<soap:Envelope>
   <soap:Header>
    ...
  <wsse:Security
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
   soap:actor="..." soap:mustUnderstand="...">
  <!-- All the security information goes here. actor attribute tells who
     will process the request. mustUnderstand attribute signifies that this header
     should be processed. If unable to process SOAP fault should be raised.-->
 </wsse:Security>
 ...
 </soap:Header>
 ...
</soap:Envelope>

Sending Credentials

The user credentials can be passed as username and passwords.


<wsse:Security>
    <wsse:UsernameToken>
         <wsse:Username>oyejava</wsse:Username>
         <wsse:Password>oyejava</wsse:Password>UsernameToken>
</wsse:Security>

The user credentials can be sent in encoded format also using BinarySecurityToken


<BinarySecurityToken Id=...
                      EncodingType=...
                      ValueType=.../>

Id - Label for the security token. It is an optional field.
ValueType - Defines the value type like X509 certificate.
EncodingType - Encoding format like wsse:Base64Binary

Security Token Reference

Let's now understand security token reference. It helps us in refering to the different part of the SOAP message using id.


<soap:Envelope xmlns="...">
   <soap:Header>
      <wsse:Security
             xmlns:wsse="...">
        <ds:Signature>
            ...
            <ds:KeyInfo>
                #FF0000:<wsse:SecurityTokenReference>Reference URI="soapBody"/>
                </wsse:SecurityTokenReference>
            </ds:KeyInfo>
         </ds:Signature>
      </wsse:Security>
  </soap:Header>
  <soap:Body #FF0000:Id="soapBody">~~
    ...
  </soap:Body>
</soap:Envelope>

Back To Java Home
Back To Home

Add Comment

Post new comment

Wiki Help
Plugin Help

Wiki Syntax

For more information, please see Wiki Page Editor and Wiki Syntax

Wiki Syntax
Bold text __text__
Italic text 2 single quotes ('). ''text''
Underlined text ===text===
Colored text ~~#FFEE33:text~~ or ~~yellow:text~~. Will display using the indicated HTML color or color name. Color name can contain two colors separated by a comma. In this case, the first color would be the foreground and the second one the background.
Deleted text 2 dashes "-". --text--
Headings !heading1, !!heading2, !!!heading3
Show/Hide !+, !!- show/hide heading section. + (shown) or - (hidden) by default.
Autonumbered Headings !#, !!#, !+#, !-# ...
Table of contents {toc}, {maketoc} prints out a table of contents for the current page based on structures (toc) or ! headings (maketoc)
Horizontal rule ----
Text box ^Box content^
Centered text ::text::
Dynamic variables %Name% Inserts an editable variable
External links use square brackets for an external link: [URL], [URL\|link_description],[URL\|link_description\|relation] or [URL\|description\|relation\|nocache] (that last prevents the local Wiki from caching the linked page; relation can be used to insert rel attribute for the link - useful e.g. for shadowbox). For an external Wiki, use ExternalWikiName:PageName or ((External Wiki Name: Page Name))
Square Brackets Use [[foo] to show [foo].
Wiki References ((page)) or ((page\|description)) for wiki references
Lists * for bullet lists, # for numbered lists, ;Word:definition for definiton lists
Indentation +, ++ Creates an indentation for each plus (useful in list to continue at the same level)
Tables \|\|row1-col1\|row1-col2\|row1-col3 row2-col1\|row2-col2\|row2-col3\|\|
Title bar -=Title=-
Monospace font -+Code sample+-
Line break %%% (very useful especially in tables)
Multi-page pages Use ...page... to separate pages
Non parsed sections ~np~ data ~/np~ Prevents wiki parsing of the enclosed data.
Preformated sections ~pp~ data ~/pp~ Displays preformated text/code; no Wiki processing is done inside these sections (as with np), and the spacing is fixed (no word wrapping is done). ~pre~ data ~/pre~ also displayes preformatted text with fixed spacing, but wiki processing still occurs on the text.
Comments ~tc~ Tiki Comment ~/tc~ makes a Tiki comment. It will be completely removed from the display, but saved in the file for future reference. ~hc~ HTML Comment ~/hc~ makes an HTML comment. It will be inserted as a comment in the output HTML; these are not normally displayed in browsers, but can be seen using "View Source" or similar.
Direction {r2l}, {l2r}, {rm}, {lm}Insert resp. right-to-left and left-to-right text direction DIV (up to end of text) and markers for langages as arabic or hebrew.
Special characters ~hs~ hard space, ~c~ ©, ~amp~ &, ~lt~ <, ~gt~ >, ~ldq~ “, ~rdq~ ”, ~lsq~ ‘, ~rsq~ ’, ~--~ —, ~bs~ \, numeric between ~ for html numeric characters entity

Because the Wiki paragraph formatting feature is off, each line will be presented as you write it. This means that if you want paragraphs to be wrapped properly, a paragraph should be all together on one line.

Plugins

Note that plugin arguments can be enclosed with double quotes ("); this allows them to contain , or = or >.
More help here

Filter:

Description
Attachment Displays an attachment or a list of them
Box Insert theme-styled box on wiki page
Center Centers the plugin content in the wiki page
Code Displays a snippet of code
Div Insert a division block, span, blockquote or other text formatting on wiki page.
Definition List Creates a definition list
Fade Displays a label. On click, the block of content will fade in and fade out.
Fancy List Creates a fancy-looking list
Fancy Table Displays the data using the Tikiwiki odd/even table style
File Displays a link to an attachment to a wiki page and can display an image attachment.
Files Displays a list of files from the File Gallery
Flash video Displays a Flash (.swf) file in the wiki page
googlemap Displays a Google map
Group Display wiki text if user is in one of listed groups
Group List List of groups including a group
Group Stats Displays some stat about group belonging
HTML Include literal HTML in a Wiki page
Image Display images
Include Include a page's content.
Invite Invite an email in groups.
Kaltura video Displays a KALTURA video on the wiki page
Language Displays the text only if the language matchs
Mail Allow to send mail to groups or user or email directly
Mediaplayer Simple mp3 or flv Player
Insert Module Displays a module inline in a wiki page. More parameters can be added, not supported by UI.
Mouseover Create a mouseover feature on some text
Poll Displays the output of a poll, fields are indicated with numeric ids.
Quote Quote text by surrounding the text with a box, like the [QUOTE] BBCode
Remarks Box Displays a comment, tip, note or warning box
RSS Feed Inserts an RSS feed output.
Sort Sorts the plugin content in the wiki page
Split Split a page into rows and columns
Subscript Displays text in subscript.
Superscript Displays text in superscript (exponent).
Tabs Provides tabs built using the smarty tabset block.
Thumbnail Displays the thumbnail for an image
Thumbnail Displays the thumbnail for an image
Tracker Comments Displays the number of tracker comments
Translated Links to a translated content
Youtube Display youtube video in a wiki page

Title (required)
Toolbars
Comment (required)
Anti-Bot verification code:
Enter the code you see above:
Enter your name (optional)
Post new comment

WS-Security Core Specification

Post new comment

Wiki Syntax

Plugins

Sidebar

Last wiki comments

Sidebar

Random Pages

Last blog post comments