[Download]
| [Documentation Home] | [Release Note]
Default Security Scenarios
WSO2 AppServer makes it extremely easy to secure your Web Services by providing 15
pre-defined security scenarios. Normally if you try to secure a Web Service from
the scratch, you have to write a WS-Security Policy document for your scenario and
engage that policy into your Web Service. This can be very complex depending on
your scenario. To make life easier for you, we've identified 15 most heavily used
security scenarios and made those available by default in the WSO2 AppServer. All you
have to do is to apply the most suitable security scenario into your service by going
to "Security" link on your service dashboard. More information on security UI can be
found here.
This document will provide you a more graphical explanation of each and every default
security scenario supported by the WSO2 AppServer.
- UsernameToken

- Non-repudiation

- Integrity

- Confidentiality

- Sign and encrypt - X509 Authentication

- Sign and Encrypt - Anonymous clients

- Encrypt only - Username Token Authentication

- Sign and Encrypt - Username Token Authentication

- SecureConversation - Sign only - Service as STS - Bootstrap policy
- Sign and Encrypt , X509 Authentication

- SecureConversation - Encrypt only - Service as STS - Bootstrap policy
- Sign and Encrypt , X509 Authentication

- SecureConversation - Sign and Encrypt - Service as STS - Bootstrap policy
- Sign and Encrypt , X509 Authentication

- SecureConversation - Sign Only - Service as STS - Bootstrap policy
- Sign and Encrypt , Anonymous clients

- SecureConversation - Sign and Encrypt - Service as STS - Bootstrap policy
- Sign and Encrypt , Anonymous clients

- SecureConversation - Encrypt Only - Service as STS - Bootstrap policy
- Sign and Encrypt , Username Token Authentication

- SecureConversation - Sign and Encrypt - Service as STS - Bootstrap policy
- Sign and Encrypt , Username Token Authentication
