WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:

Presentation transcript:

WAM and the Java Stack

Disclaimer
This is a training NOT a presentation.
– Be prepared to learn and participate in labs
Please ask questions
Prerequisites:
– Basic Java knowledge
– Basic Spring knowledge
– LDS Account Integration Training – Part 1

Outline
– Spring Security and Authorization
– WAM (Web Access Management)
– WAM integration w/o Spring Security
– WAM integration w/ Spring Security

Review
Authentication vs. Authorization
– Previously discussed authentication with Spring Security
– Now focus on authorization with Spring Security

Authorization with Spring Security security/site/features.html – Comprehensive Authorization Services HTTP requests authorization (securing annotation

Protecting Urls Example of protecting urls

???? Fine grained authorization
– Content only visible to users who have the "chicken" authority in their list of GrantedAuthority(s).
– Content only visible to users authorized to send requests to the "/chicken" URL.

@PreAuthorize annotation Scanning enabled with following element: Some public void create(User == authentication.username") public void doSomething(User user);

Authorities Populators
sites/stack/module.html?module=lds-account/stack-lds-account-spring/index.html#Authorities_Populators
Example TODO: show example of specifying on an authentication element

Demo

WAM (Web Access Management)

What is WAM?
WAM stands for Web Access Management
Authentication
– Authentication management
– Single Sign-on
Authorization
– URL (coarse-grained)
– Entitlements (fine-grained)

Architectural Overview of WAM

Injected Headers
WAM injected headers:
–
How the headers map with LDS Account (LDAP) attributes:
– tation%20Details/HTTP%20Headers.aspx
Required headers
– policy-ldsaccountid
– policy-cn
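A check an application might apply before trusting the two required headers, as an added example that is not part of the original slides or the LDS Stack code. The trusted proxy address, the class and method names, and the sample requests are assumptions constructed for illustration; only the header names come from the slide.

```java
import java.util.*;

public class WamHeaderCheck {
    // Header names from the slide's "Required headers" list.
    static final List<String> REQUIRED = List.of("policy-ldsaccountid", "policy-cn");
    // Assumption: address of the WAM proxy in front of the application (constructed value).
    static final Set<String> TRUSTED_PROXIES = Set.of("10.0.0.5");

    /** Returns the account id when the headers can be trusted, otherwise empty. */
    static Optional<String> accountId(String remoteAddr, Map<String, List<String>> headers) {
        // Injected headers only carry meaning when the proxy set them;
        // a client that reaches the application directly can send any header it likes.
        if (!TRUSTED_PROXIES.contains(remoteAddr)) return Optional.empty();

        // HTTP header names are case-insensitive: normalise and merge before checking.
        Map<String, List<String>> byName = new HashMap<>();
        headers.forEach((name, values) ->
            byName.computeIfAbsent(name.toLowerCase(Locale.ROOT), k -> new ArrayList<>())
                  .addAll(values));

        for (String name : REQUIRED) {
            List<String> values = byName.get(name);
            // Require exactly one non-blank value; duplicates are ambiguous and rejected.
            if (values == null || values.size() != 1 || values.get(0).isBlank()) {
                return Optional.empty();
            }
        }
        return Optional.of(byName.get("policy-ldsaccountid").get(0));
    }

    public static void main(String[] args) {
        // Constructed sample requests.
        Map<String, List<String>> complete = Map.of(
            "policy-ldsaccountid", List.of("1234567"),
            "policy-cn", List.of("jdoe"));
        Map<String, List<String>> missingCn = Map.of(
            "policy-ldsaccountid", List.of("1234567"));
        Map<String, List<String>> duplicated = Map.of(
            "Policy-LdsAccountId", List.of("1234567", "7654321"),
            "policy-cn", List.of("jdoe"));

        System.out.println("via proxy, complete:  " + accountId("10.0.0.5", complete));
        System.out.println("direct client:        " + accountId("203.0.113.9", complete));
        System.out.println("via proxy, no cn:     " + accountId("10.0.0.5", missingCn));
        System.out.println("via proxy, duplicate: " + accountId("10.0.0.5", duplicated));
    }
}
```

Only the first request yields an account id; the other three are rejected.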

Wamulator
For complete documentation:
–
WAM Maven plugin provided to start/stop the wamulator

Demo

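Stack / WAM integration w/o Spring Security
code.lds.org/maven-sites/stack/module.html?module=lds-account/stack-lds-account-wam/index.html#Configuration
<filter>
    <filter-name>wamContextFilter</filter-name>
    <filter-class>org.lds.stack.wam.filter.WamContextFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>wamContextFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>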

WamContext
Accessed with:
WamContextHolder.getWamContext();
WamContext consists of 3 main parts:
– LdsAccountDetails object
– WamRequestProvider
– EntitlementService
WamContextHolder.getWamContext().getLdsAccountDetails().getPreferredName();
WamContextHolder.getWamContext().getWamRequestProvider().getCookieHeader();
WamContextHolder.getWamContext().getEntitlementService()….

Demo

Lab 1 _Part_1#Lab_1

WAM and Spring Security

Why WAM and Spring Security?
Spring Security provides
– Full featured authorization system
– Abstraction to authentication and authorization
– Allows for complex fallback authentication systems
– Facilitates proxy support

WAM Spring Security Integration Integration point <intercept url TODO …

Demo

Spring Security and WAM authorization
Spring provides programming tools
– Full featured EL capabilities
– Convenient annotations
– Management central to the application

Spring Security EntryPoint
Simplifies WAM configuration / management
Utilizes WAM for authentication
– User details injected if authenticated
Allows coarse-grained authorization to be managed within the application

Spring Integration

Demo

Lab 2 _Part_1#Lab_2

Conclusion
LDS Account rocks!
The Java Stack integration with LDS Account and Spring Security rocks!

Credit Where Credit is Due
security/site/docs/3.1.x/reference/springsecurity-single.html
Spring Security 3 – by Peter Mularien