Transport level security

Transport level security is based on SSL or Transport Layer Security that runs beneath the HTTP protocol.

SSL and TLS provide security features including authentication, data protection, and cryptographic token support for secure HTTP connections. To run with HTTPS, the service endpoint address must be in the form of https:// .

The integrity and confidentiality of transport data, including SOAP messages and HTTP basic authentication, is confirmed when you use SSL and TLS. See SSL for more information. Web services applications can also use Federal Information Processing Standard (FIPS) approved ciphers for more secure TLS connections.

WAS uses JSSE to support SSL and TLS.

See also:

Configure client-side transport level security
Configure HTTP basic authentication
Configure FIPS-approved JSSE files
Using JSSE and JCE with Servlets and enterprise bean files