WSO2 Identity Server provides many methods for implementing and managing security. These are described in the following topics.
- Setting up Keystores
- Configuring Transport Level Security
- Saving Access Tokens in Separate Tables
- Timestamp in WS-Security to Mitigate Replay Attacks
- Enabling Java Security Manager
- Securing Passwords in Configuration Files
- Mitigating Cross Site Request Forgery (CSRF) Attacks
- Mitigating Cross Site Scripting (XSS) Attacks
- Mitigating Carriage Return Line Feed (CRLF) Attacks
Related Topics
- The security patch releases can be found here. See the Applying Patches topic for more information on how to apply the security patch to WSO2 IS.
- See Configuring Session Timeout for instructions on how to expire a session for user account security.
Overview
Content Tools
Activity