Enabling Web Services Security (WS-Security) for the gateway

You can configure the gateway for secure transmission of SOAP messages using tokens, keys, signatures and encryption in accordance with the Web Services Security (WS-Security) draft recommendation. For more information on how WS-Security is implemented in WebSphere Application Server Network Deployment, see Securing Web services. For more information on the approach taken by the gateway to implementing this emerging standard, see The Web services gateway and WS-Security.

The gateway sits between the service requester (the client) and the target Web service. You configure the gateway to act as the target service from the point of view of the client, and as the client from the point of view of the target service. You therefore need to get, from the owning parties, the WS-Security configurations for both the client and the Web service. This information is found in the following files on the owners' systems:

  • Key stores ( .ks and .jceks files).

  • Certificate stores ( .cer files).

  • Security settings ( ibm-webservicesclient-ext.xmi for the client, and ibm-webservices-ext.xmi for the Web service).

  • Binding information - for example the location of a keystore on the file system ( ibm-webservicesclient-bnd.xmi for the client, and ibm-webservices-bnd.xmi for the Web service).

Note: If the client is hosted on WebSphere Application Server, and the Web service security settings were created using IBM Web services tooling (for example WebSphere Studio Application Developer), then the files that contain the security settings and binding information will have the exact file names ( *.xmi ) given above. For clients and Web services from other vendors, these files will have different names.

You need to copy the key store and certificate store files to the gateway file system, and to enter and configure for the gateway the security settings that are contained in the .xmi files. The security settings are entered and configured manually using the gateway administrative user interface. There are tools available (for example WebSphere Studio Application Developer) that can parse the .xmi files for you.
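The copy step above can be checked before the bindings are entered in the gateway. The following is an added example, not IBM code: it scans a binding file for any attribute that references a .ks, .jceks or .cer file and reports the ones not yet present in the gateway directory. The sample XML, its element and attribute names, and the gateway directory are constructed for illustration.

```python
import ntpath  # basename() here splits on both "/" and "\" paths
import os
import tempfile
import xml.etree.ElementTree as ET

STORE_SUFFIXES = (".ks", ".jceks", ".cer")  # store file types named on this page

# Constructed sample: element and attribute names are placeholders, not the
# real binding schema. The scan below does not depend on them.
SAMPLE_BINDING_XMI = """<binding xmlns:xmi="http://www.omg.org/XMI" xmi:version="2.0">
  <signing>
    <keyStore path="/opt/client/etc/ws-security/dsig-sender.ks" type="JKS"/>
    <trustAnchor path="/opt/client/etc/ws-security/dsig-receiver.ks"/>
  </signing>
  <encryption>
    <keyStore path="C:\\client\\keys\\enc-sender.jceks" type="JCEKS"/>
  </encryption>
  <certStore file="/opt/client/etc/ws-security/intca2.cer"/>
</binding>
"""

def find_store_references(xmi_text):
    """Return sorted unique attribute values that point at a key or certificate store."""
    refs = set()
    for elem in ET.fromstring(xmi_text).iter():
        for value in elem.attrib.values():
            if value.lower().endswith(STORE_SUFFIXES):
                refs.add(value)
    return sorted(refs)

def missing_on_gateway(refs, gateway_dir):
    """Return names of referenced store files not yet copied into gateway_dir."""
    missing = []
    for ref in refs:
        name = ntpath.basename(ref)
        if not os.path.isfile(os.path.join(gateway_dir, name)):
            missing.append(name)
    return missing

if __name__ == "__main__":
    refs = find_store_references(SAMPLE_BINDING_XMI)
    # A temporary directory stands in for the gateway's key store directory.
    with tempfile.TemporaryDirectory() as gw:
        open(os.path.join(gw, "dsig-sender.ks"), "wb").close()
        for name in missing_on_gateway(refs, gw):
            print("not yet copied to gateway:", name)
```

Each reported file still has to be copied, and the path recorded in the gateway binding must be its new location on the gateway file system, not the owner's original path.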

You use the Gateway -> Security option to configure the security bindings (the tokens, keys, signatures and encryption methods) that are available to the gateway, as described in Configure the gateway security bindings.

You then configure the level of security that applies at each stage of the transmission (and note that different levels of security, including no security, can be applied to each stage):

  • From the service requester to the gateway.

  • From the gateway to the target service.

  • From the target service back to the gateway.

  • From the gateway back to the service requester.

For information on how to do this, see the following topics:


The Web services gateway and WS-Security
Administering security for the Web services gateway
Enabling basic authentication and authorization for the gateway
Invoking Web services over HTTPS
Enabling proxy authentication for the gateway
Securing Web services
Web services gateway troubleshooting tips

 
