Tutorials

Tutorials

Security and governance for SOA, Web, and the Cloud


API Management

Understand how governance of the exposed programming interface gives you the ability to consolidate offerings while still writing clear access control rules that make sense for the administrator.

REST-to-SOAP Remapping
JSON Schema Validation
Securing REST Interfaces
API Virtualization
Securing Odata API
API Rate Limiting and DoS Protection
How To Implement HMAC API Security

Development

How to develop service interfaces without heavy software development investment.
Off Box Audit and Reporting
Performance Testing
Integration with IBM WSRR
Policy Integration with SAG Centrasite and the Layer 7 SOA Gateway
Native Websphere MQSeries integration
UDDI Integration Using HP Systinet

Identity & Access Management

Learn more about using identity and federation to separate authorization and authentication.
Federating Web Services
SAML Token Caching for Improved Identity Performance
Implementing a SAML Security Token Service
Establishing Kerberos Token Based Authentication
Open SSO IAM Integration
Oracle Entitlements Server Integration
Content Caching for SOA
Securing Layer 7 Policies with Axiomatics

OAuth
OAuth 2.0 with Layer 7 Gateways: Tutorial Series
OAuth 2.0 with Layer 7 Gateways, Tutorial 1: Incorporate an Existing API & Identity Provider
OAuth 2.0 with Layer 7 Gateways, Tutorial 2: The Authorization Code Grant Type
OAuth 2.0 with Layer 7 Gateways, Tutorial 3: The Implicit Grant Type
OAuth 2.0 with Layer 7 Gateways, Tutorial 4: The SAML Grant Type
OAuth 2.0 with Layer 7 Gateways, Tutorial 5: Leverage a CA SiteMinder Session in an OAuth 2.0 Handshake
Using Layer 7 as an OAuth 1.0/1.0a Server & Client
Modifying a Layer 7 OAuth 1.0a Implementation to Support Custom Requirements

SecureSpan Basics
Fundamentals of the SecureSpan Policy Language
Creating an Authentication Service on the SecureSpan SOA Gateway
Advanced Cryptographic Algorithms on the SecureSpan SOA Gateway

WCF
Layer 7 Tutorials