Show Table of Contents
Chapter 1. SwitchYard Security
SwitchYard services can be secured by:
- Specifying a list of security policies that are required for that service.
- Configuring application-level security processing details for the services within a domain.
- Configuring system-level security processing details.
- Storing sensitive information, such as passwords, in the JBoss AS password vault.
For information on SAML (Security Assertion Markup Language) and Java Security Manager, refer JBoss Enterprise Application Platform 6.1.1 Security Guide.
See Also:
1.1. About SwitchYard Security
SOA architecture involves applications to be exposed as services. These services must be protected against security vulnerabilities such as a SQL injection attack, XML entity expansion, and denial of service attack. The security implementation covers these security concerns and also provides the ability to monitor usage of services in SOA. However, you need to address the security concerns as an application developer if you are building your application on top of the product. For more information on such security concerns, refer https://www.owasp.org/index.php/Top_10_2013-Top_10.
SwitchYard services are secured in the following ways:
- Specify a list of security policies that are required for that service in the SwitchYard application descriptor (
switchyard.xml). Edit theswitchyard.xmlfile using the SwitchYard editor plug-in and specify the security policy by using the requires attribute of a component service definition as shown below:<service name="WorkService" requires="authorization clientAuthentication confidentiality">
- You can configure the security processing details for the services within a domain in the following ways:
- Select the Service for a component and view the Properties View in the SwitchYard editor.
- Hover over the Service for a component. A list of tools including the appears. It contains the security information.
- Ensure Authorization, Client Authentication and Confidentiality are checked.
This guide provides information on Red Hat JBoss Fuse security. For information on the security of underlying application platform, refer JBoss Enterprise Application Platform 6.1.1 Security Guide.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.