Web Security
Goals
• Understanding Security Models
• Using certificates with Service Endpoints
• Using OAuth in Neuron ESB
Lesson Plan
• Understand Security Models
  • What are security models?
  • When do you use them?
• Using Certificates in Neuron ESB
• Using OAuth in Neuron ESB
  • Creating an OAuth provider in Neuron ESB
  • Associating OAuth providers with a service connector
  • Using custom OAuth providers
Understanding Security Models : What are security models?
• Security Models are used by Neuron ESB to identify the WCF web service security protocol to implement with the service
• Security Models determine how messages are secured
  • HTTP – Uses authentication to ensure access
  • Transport – Secures the route between two endpoints
  • Message – Includes security data as part of every message, securing the message itself

Binding     Supported Security Models
BasicHttp   HttpBasic, HttpDigest, HttpNtlm, HttpWindows, Transport:None, Transport:Basic, Transport:Digest, Transport:NTLM, Transport:Windows, Transport:Certificate, TransportWithMessage, Message:Certificate
WSHttp      None, Transport:None, Transport:Basic, Transport:Digest, Transport:Ntlm, Transport:Windows, Transport:Certificate, Message:Username
NetTcp      Transport:None, Transport:Basic, Transport:Windows, Transport:Certificate, TransportWithMessage, Message:Windows, Message:None, Message:IssuedToken, Message:Certificate, Message:Username
REST        HttpBasic, HttpDigest, HttpNtlm, HttpWindows, Transport:Digest, Transport:Basic, Transport:Ntlm, Transport:Windows, Transport:Certificate
Understanding Security Models : When do you use them?
Security Models are used by service endpoints when you need to secure the communication
Transport
• When you need to secure the channel for point to point communication
• Better performance than message based security
Message
• When you need to secure the message for one to many communication
• More flexibility than transport based security
Transport with Message Credentials
• Best of both transport and message security
• Secures the channel for communication as well as includes authentication with each message
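The three security levels above, written directly against the WCF binding API as an added example (not code from the deck or from Neuron ESB). The pairing of Neuron's model names with WCF modes is an assumption, and `Review` is a hypothetical helper that flags a binding which authenticates callers without protecting the channel.

```csharp
using System;
using System.Collections.Generic;
using System.ServiceModel;
using System.ServiceModel.Channels;

static class SecurityModelSketch
{
    // Transport: TLS protects the channel between two endpoints and the
    // client authenticates with an X.509 certificate during the handshake.
    static Binding TransportCertificate()
    {
        var b = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
        b.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
        return b;
    }

    // Message: WS-Security data travels inside every SOAP message, so the
    // protection stays with the message across intermediaries.
    static Binding MessageUserName()
    {
        var b = new WSHttpBinding(SecurityMode.Message);
        b.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        return b;
    }

    // Transport with message credentials: TLS secures the channel and each
    // message additionally carries the caller's credential.
    static Binding TransportWithMessage()
    {
        var b = new NetTcpBinding(SecurityMode.TransportWithMessageCredential);
        b.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        return b;
    }

    // HTTP-level authentication only (assumed WCF counterpart of an
    // "HttpBasic" style model): Basic credentials over plain http.
    static Binding HttpBasicOnly()
    {
        var b = new BasicHttpBinding(BasicHttpSecurityMode.TransportCredentialOnly);
        b.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
        return b;
    }

    // Hypothetical review helper: report bindings that leave the channel
    // unencrypted, which matters most when Basic credentials are in use.
    static string Review(Binding binding)
    {
        var http = binding as BasicHttpBinding;
        if (http == null) return "ok";
        if (http.Security.Mode == BasicHttpSecurityMode.None)
            return "WARN: no authentication and no encryption";
        if (http.Security.Mode == BasicHttpSecurityMode.TransportCredentialOnly)
        {
            bool basic = http.Security.Transport.ClientCredentialType == HttpClientCredentialType.Basic;
            return basic
                ? "WARN: password is only base64-encoded on an unencrypted channel"
                : "WARN: caller is authenticated but message content is unencrypted";
        }
        return "ok";
    }

    static void Main()
    {
        var samples = new Dictionary<string, Binding>
        {
            { "Transport:Certificate", TransportCertificate() },
            { "Message:Username", MessageUserName() },
            { "TransportWithMessage", TransportWithMessage() },
            { "HttpBasic", HttpBasicOnly() },
        };
        foreach (var s in samples)
            Console.WriteLine("{0,-22} scheme={1,-8} {2}", s.Key, s.Value.Scheme, Review(s.Value));
    }
}
```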
Security Models : Demo
Purpose:
Familiarize users with security models in Neuron ESB.
Objectives:
• Setting security models in a service endpoint
Using Certificates in Neuron ESB
• Create a Certificate Credential in Neuron ESB (Covered in Operational Security)
• SSL
  • Select the Security Model Transport - None
  • Select the Certificate Credential from the Service Credentials drop down list on the Security Tab
• Transport Certificate
  • Select the Security Model Transport – Certificate
  • Select the Certificate Credential from the Client Credential drop down list on the Service Connector Tab
Using Certificates : Demo
Purpose:
Familiarize users with using certificates in Neuron ESB.
Objectives:
• Create a certificate credential
• Associate certificate credential with a service endpoint
Creating an OAuth Provider
• Register your application with the authorization service to get access to the client identifier and client secret
• In Neuron – Security -> OAuth Providers
• Enter the details provided by the OAuth service
  • Access Token
  • Credential type
  • Client ID
  • Client Secret
  • Redirect URI
• Test with the test button
Associating OAuth Providers with a Service Connector
• Used with REST based Service Connectors
• Select from OAuth drop down on Service Connector Tab
OAuth Providers : Demo
Purpose:
Familiarize users with OAuth providers in Neuron ESB.
Objectives:
• Create an OAuth provider
• Test the OAuth provider
• Associate an OAuth provider with a Service Connector
Custom OAuth Providers
Neuron ESB supports the use of custom OAuth providers
Neuron ESB supports the following Grant Types for custom OAuth providers
• Authorization Code Grant
• Client Credentials Grant
• Resource Owner Credentials Grant
• Refresh Token Grant
Documentation for how to create a Custom OAuth provider can be found at https://www.neuronesb.com/article/custom-oauth-providers/
Once created place the custom OAuth DLL in <Neuron Install Location>\<Instance>\OAuthProviders
Create and use the custom OAuth Provider the same as you would built-in OAuth providers
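What each of the four grant types above sends to an authorization server's token endpoint under RFC 6749, and where the Client ID, Client Secret and Redirect URI entered for a provider end up. This is an added example, not Neuron ESB's provider interface or code from the deck; the endpoint, credentials and codes are constructed placeholders.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;

static class TokenRequestSketch
{
    // Builds a token-endpoint POST. The client authenticates with HTTP Basic
    // (RFC 6749 section 2.3.1), so the secret stays out of URLs and form data.
    static HttpRequestMessage Build(Uri tokenEndpoint, string clientId, string clientSecret,
                                    IDictionary<string, string> form)
    {
        // A token request carries secrets and returns bearer tokens: refuse plain http.
        if (tokenEndpoint.Scheme != Uri.UriSchemeHttps)
            throw new ArgumentException("token endpoint must use https", "tokenEndpoint");

        var pair = Uri.EscapeDataString(clientId) + ":" + Uri.EscapeDataString(clientSecret);
        var req = new HttpRequestMessage(HttpMethod.Post, tokenEndpoint)
        {
            Content = new FormUrlEncodedContent(form)
        };
        req.Headers.Authorization = new AuthenticationHeaderValue(
            "Basic", Convert.ToBase64String(Encoding.UTF8.GetBytes(pair)));
        return req;
    }

    // Authorization Code Grant: exchange the code returned to the redirect URI.
    // redirect_uri must match the value used in the authorization request.
    static IDictionary<string, string> AuthorizationCode(string code, string redirectUri)
    {
        return new Dictionary<string, string> {
            { "grant_type", "authorization_code" }, { "code", code }, { "redirect_uri", redirectUri } };
    }

    // Client Credentials Grant: the application acts as itself, no user involved.
    static IDictionary<string, string> ClientCredentials(string scope)
    {
        return new Dictionary<string, string> {
            { "grant_type", "client_credentials" }, { "scope", scope } };
    }

    // Resource Owner Credentials Grant: the client handles the user's password directly.
    static IDictionary<string, string> ResourceOwner(string username, string password)
    {
        return new Dictionary<string, string> {
            { "grant_type", "password" }, { "username", username }, { "password", password } };
    }

    // Refresh Token Grant: obtain a new access token without repeating the original grant.
    static IDictionary<string, string> Refresh(string refreshToken)
    {
        return new Dictionary<string, string> {
            { "grant_type", "refresh_token" }, { "refresh_token", refreshToken } };
    }

    static void Main()
    {
        // Constructed placeholder values; nothing is sent over the network.
        var endpoint = new Uri("https://auth.example.test/oauth/token");
        var grants = new[] {
            AuthorizationCode("SAMPLE-CODE", "https://esb.example.test/callback"),
            ClientCredentials("orders.read"),
            ResourceOwner("sample-user", "sample-password"),
            Refresh("SAMPLE-REFRESH-TOKEN"),
        };
        foreach (var form in grants)
        {
            using (var req = Build(endpoint, "sample-client-id", "sample-client-secret", form))
                Console.WriteLine(req.Content.ReadAsStringAsync().Result);
        }
    }
}
```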
Custom OAuth Providers : Demo
Purpose:
Familiarize users with OAuth providers in Neuron ESB.
Objectives:
• Create a custom OAuth provider
• Register the custom OAuth provider in Neuron ESB

12 web security


Editor's Notes

  1. Many services use some sort of security in their implementation, to limit who can use the service or to ensure the integrity of the data being transferred to them. In Neuron ESB both client connectors and service connectors may be required to be secured one way or the other, and it is vital to an organization that this functionality be available. I am ________________ from ________________________ and this lesson is Web Security.
  2. The goals of this lesson are to provide users with a better understanding of the Security models available to them inside of the Neuron ESB and to show users how to use certificates and OAuth providers in conjunction with service endpoints.
  3. To facilitate our goals, this lesson has been broken down into three sections to make the information provided easier to understand. The sections that we will be covering are:
     • Understanding security models, where we will look at what security models are and how to use them
     • Using certificates in Neuron ESB
     • Using OAuth in Neuron ESB, where we will discuss how to create an OAuth provider, how to associate it with a service connector, as well as how to create custom OAuth providers.
  4. As we discussed in the Introduction to API and Service Hosting presentation, all service endpoints can use security models based on the binding of that service endpoint. But what is a security model?
     • Security Models are used by Neuron ESB to identify the WCF web service security protocol to implement with the service
     • Security Models determine how messages are secured
       • HTTP – Uses authentication to ensure access
       • Transport – Secures the route between two endpoints
       • Message – Includes security data as part of every message, securing the message itself
     https://docs.microsoft.com/en-us/dotnet/framework/wcf/securing-services
     https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/web-services-protocols-supported-by-system-provided-interoperability-bindings
  5. Now that we know what a security model is, we need to look at when to use them. If you need to secure the communication of a service you will want to use a security model. But which one is best for the job?
     • Transport
       • When you need to secure the channel for point to point communication
       • Better performance than message based security
     • Message
       • When you need to secure the message for one to many communication
       • More flexibility than transport based security
     • Transport with Message Credentials
       • Best of both transport and message security
       • Secures the channel for communication as well as includes authentication with each message
     https://docs.microsoft.com/en-us/dotnet/framework/wcf/securing-services
     https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/web-services-protocols-supported-by-system-provided-interoperability-bindings
  6. If you wish to create secure service endpoints in Neuron for clients to connect to, you will need to create a Certificate Credential in Neuron ESB (covered in Operational Security). Then, based on the type of endpoint you are looking to create:
     • SSL
       • Select the Security Model Transport - None
       • Select the Certificate Credential from the Service Credentials drop down list on the Security Tab
     • Transport Certificate
       • Select the Security Model Transport – Certificate
       • Select the Certificate Credential from the Client Credential drop down list on the Service Connector Tab
     https://www.neuronesb.com/neuron/Help3/Development/Samples_and_Walkthroughs/How_To/ssl_how_to.htm
  7. Using OAuth, Neuron ESB can obtain access tokens that can be passed to REST services to authorize protected resource invocations. To do this you need to:
     • Register your application with the authorization service to get access to the client identifier and client secret
     • In Neuron – Security -> OAuth Providers
     • Enter the details provided by the OAuth service
       • Access Token
       • Credential type
       • Client ID
       • Client Secret
       • Redirect URI
     • Test with the test button
     https://www.neuronesb.com/article/introducing-oauth-support/
  8. Once you have an OAuth provider created you can associate it with a REST based service connector by selecting the OAuth provider from the OAuth drop down list on the service connector tab of your REST service connector. https://www.neuronesb.com/article/introducing-oauth-support/
  9. Neuron ESB supports the use of custom OAuth providers. Neuron ESB supports the following Grant Types for custom OAuth providers:
     • Authorization Code Grant
     • Client Credentials Grant
     • Resource Owner Credentials Grant
     • Refresh Token Grant
     Documentation for how to create a Custom OAuth provider can be found at https://www.neuronesb.com/article/custom-oauth-providers/
     Once created, place the custom OAuth DLL in <Neuron Install Location>\<Instance>\OAuthProviders
     Create and use the custom OAuth Provider the same as you would built-in OAuth providers