Securing Web services using XML encryption

 

Overview

WebSphere Application Server provides several different methods to secure your Web services. Extensible Markup Language (XML) encryption is one of these methods. You can secure your Web services using any of the following methods:

Overview

XML encryption enables you to encrypt an XML element, the content of an XML element, or arbitrary data such as an XML document. Like XML digital signature, a message is sent by the client as the request sender to the server as the request receiver. The response is sent by the server as the response sender to the client as the request receiver. Unlike XML digital signature, which verifies the authenticity of the sender, XML encryption scrambles the message content using a key, which can be unscrambled by a receiver that possesses the same key. You can use XML encryption in conjunction with XML digital signature to scramble the content while verifying the authenticity of the message sender.

To use XML encryption to secure Web services, use the WebSphere Application Server Toolkit, which is available at the following Web site:

http://www.ibm.com/support/docview.wss?rs=180&context=SSEQTP
&q=ASTK&uid=swg24005125&loc=en_US&cs=utf-8&lang=en+en

Complete the following steps.

  1. Specify the encryption settings for the request sender.The message parts and the encryption method settings chosen for the request sender on the client must match the message parts and the method settings chosen for the request receiver on the server. To specify the encryption settings for the request sender:

    1. Configure the client for request encryption: Encrypting the message parts.

    2. Configure the client for request encryption: Choosing the encryption method.

  2. Specify the encryption settings for the request receiver. The decryption settings chosen for the request receiver must match the encryption settings chosen for the request sender.

    To specify the decryption settings for the request receiver:

    1. Configure the server for request decryption: Decrypting message parts.

    2. Configure the server for request decryption: Choosing the decryption method.

  3. Specify the encryption settings for the response sender. The message parts and the encryption method settings chosen for the response sender on the server must match the message parts and the method settings chosen for the response receiver on the client. To specify the encryption settings for the response sender:

    1. Configure the server for response encryption: Encrypting message parts.

    2. Configure the server for response encryption: Choosing the encryption method.

  4. Specify the encryption settings for the response receiver.

    Note: The decryption settings chosen for the response receiver must match the encryption settings chosen for the response sender.

    To specify the decryption settings for the response receiver, complete the following steps:

    1. Configure the client for response decryption: decrypting message parts.

    2. Configure the client for response decryption: choosing the decryption method.

 

Results

After completing these steps, you have secured your Web services using XML encryption.


Related concepts
Request sender
Request receiver
Response sender
Response receiver
XML encryption
XML digital signature
Related tasks
Securing Web services based on WS-Security
Related reference
Encryption information collection
Encryption information configuration settings
Encryption information configuration settings
Login bindings configuration settings
Related topics
WebSphere Application Server V5.0.2's Application Server Toolkit