Default configuration for WAS
In the WAS, each appserver has a copy of the ws-security.xml file, which defines the default binding information for Web services security. The following list contains the defaults defined in the ws-security.xml file:
Trust anchors Identifies the trusted root certificates for signature verification.
Collection certificate stores Contains certificate revocation lists (CRLs) and nontrusted certificates for verification.
Key locators Locates the keys for digital signature and encryption.
Trusted ID evaluators Evaluates the trust of the received identity before identity assertion.
Login mappings Contains the JAAS configurations for AuthMethod token validation.
If the Web services security constraints specified in the deployment descriptors and the required bindings are not defined in the bindings file, the default constraints in the ws-security.xml file are used.
When you use the addNode command, the ws-security.xml file is added with the server configuration to the new cell.
See AlsoDefault binding
Collection certificate store
Trusted ID evaluator
Securing Web services using XML digital signature