Default configuration for WAS

In the WAS, each appserver has a copy of the ws-security.xml file, which defines the default binding information for Web services security. The following list contains the defaults defined in the ws-security.xml file:

Trust anchors Identifies the trusted root certificates for signature verification.

Collection certificate stores Contains certificate revocation lists (CRLs) and nontrusted certificates for verification.

Key locators Locates the keys for digital signature and encryption.

Trusted ID evaluators Evaluates the trust of the received identity before identity assertion.

Login mappings Contains the JAAS configurations for AuthMethod token validation.

If the Web services security constraints specified in the deployment descriptors and the required bindings are not defined in the bindings file, the default constraints in the ws-security.xml file are used.

When you use the addNode command, the ws-security.xml file is added with the server configuration to the new cell.


See Also

Default binding
Trust anchors
Collection certificate store
Key locator
Trusted ID evaluator
Login mappings
Securing Web services using XML digital signature