Home Proposal Form Contact Us Site Map
  Services     Training     Securing Java Web Services Training  
  Our Services
Support & Maintenance
Web Hosting
Domain Registration
  Securing Java Web Services  
  This training is plan for J2EE developer for developing secure Web services. This training will cover XML signature, encryption standards, WS-Security specification, token profiles, and the Security Assertions Markup Language (SAML).  
This training covers theory, practical with hands-on exercise. Participants will spend roughly half of the time on lab excersie such as XML signature and encryption, running JAX-RPC web services, adding WS-Security headers, signing and encrypting message content, and passing SAML assertions and configuring J2EE tools to support signature and encryption of SOAP messages under the JAX-RPC.
  Course Content  

1. Web-Service Security

  • Overview of Web Services Security
  • Threats
  • Technology and Techniques
  • Solution Levels
  • HTTP Solutions
  • The World-Wide Web Consortium
  • XML Solutions
  • Encryption
  • Hashing
  • Signature
  • Web-Services Solutions
  • Technology Stacks: WS-Federation and Liberty Alliance
  • WS-Security
  • SAML

2. HTTP Security

  • HTTP Authentication Schemes
  • Securing Web-Service URLs
  • JAX-RPC Support
  • Axis Support

3. XML Signature

  • XML Digital Signature
  • Canonical XML
  • Enveloped, Enveloping, and Detached Signatures
  • SignedInfo and References
  • The Java Cryptography Architecture
  • Keystores
  • keytool
  • X.509 Certificates
  • The KeyStore API
  • Java XML Digital Signature API
  • Steps to Sign and Verify XML Content
  • JAX-RPC Message Handlers
  • Foiling the Man in the Middle

4. XML Encryption

  • XML Encryption
  • EncryptedData
  • Element vs. Content Encryption
  • Encrypted Keys
  • The Java Cryptography Extensions
  • Apache XML Security
  • Steps to Encrypt and Decrypt XML Content
5. WS-Security

  • The WS-Security Specifications
  • Relationship to W3C Specifications
  • Security Tokens
  • Timestamps
  • Tools for WS-Security
  • Integrating into JAX-RPC Services and Clients

6. Securing Web Services

  • Practical Use of WS-Security
  • Foiling Replay Attacks
  • Dynamic Security Policies

7. The Security Assertions Markup Language

  • History of SAML
  • Goals and Non-Goals
  • Authorities
  • Assertions
  • Protocol

8. SAML Assertions

  • The Assertions Schema
  • Extensibility
  • Assertions and Subjects
  • NameIdentifiers and SubjectConfirmations
  • AuthenticationStatements
  • AttributeStatements
  • AuthorizationDecisionStatements
  • Actions and Evidence
  • SAML Tokens
  • OpenSAML
  • Signing SAML Assertions

9. SAML Protocol

  • SAML Messaging
  • The SAML Protocol Schema
  • Request Types
  • Response Types
  • Status and StatusCode
  • AuthenticationQuery
  • AttributeQuery
  • AuthorizationDecisionQuery
  • SAML as the Substance

Price: Rs. 50000/-


Duration: 3 Days (24 Hours) – 9:00 AM – 6:00 PM

  Development Environment  
  • Eclipse
  • Aache, JBoss
  • OS - Windows XP


  • Java programming, J2EE, Web Development and Database Knowledge







For registration or group training, please send email on

For more information, please contact us on +91-9898084558, +91-79-40047258
Web2.0/Social Networking
Cloud Computing/Virtualization
Event-Driven SOA
Grid Computing
Semantic Web
Contact Us
Site Map
Proposal Form
All rights reserved by Attune Infocom
All other product names and/or company names used herein may be protected as trademarks of their respective owners.