WSO2 Identity Server provides many methods for implementing and managing security. These are described in the following topics.
- Configuring Transport Level Security
- Enabling Java Security Manager
- Saving Access Tokens in Separate Tables
- Timestamp in WS-Security to Mitigate Replay Attacks
- Mitigating Cross Site Request Forgery (CSRF) Attacks
- Mitigating Carriage Return Line Feed (CRLF) Attacks
- Mitigating Cross Site Scripting (XSS) Attacks
- WSO2 Carbon Secure Vault
Also see Securing Plain Text Passwords for password related security.