Response receiver binding collection: WAS v5.1

Response receiver binding collection

Use this page to specify the binding configuration for receiver response messages for Web services security.
To view this administrative console page, complete the following steps:

Click Applications > Enterprise Applications > appname.
Under Related Items, click Web Modules > URI_file_name > Web Services: Server Security Bindings.
Under Response Sender Binding, click Edit.

Signing Information Specifies the configuration for the signing parameters. Signing information is used to sign and to validate parts of the message including the body and the time stamp.
You can also use these parameters for X.509 validation when the authentication method is IDAssertion and the ID type is X509Certificate in the server-level configuration. In such cases, fill in the certificate path fields only.

Encryption Information Specifies the configuration for the encryption and decryption parameters. Encryption information is used for encrypting and decrypting various parts of a message, including the body and the user name token.

Trust Anchors Specifies a list of key store objects that contain the trusted root certificates that are self-signed or issued by a certificate authority.
The certificate authority authenticates a user and issues a certificate. After the certificate is issued, the key store objects, which contain these certificates, use the certificate for certificate path or certificate chain validation of incoming X.509-formatted security tokens.

Collection Certificate Store Specifies a list of the untrusted, intermediate certificate files.
The collection certificate store contains a chain of untrusted, intermediate certificates.The CertPath API attempts to validate these certificates, which are based on the trust anchor.

Key Locators Specifies a list of key locator objects that retrieve the keys for a digital signature and encryption from a key store file or a repository. The key locator maps a name or logical name to an alias or maps an authenticated identity to a key. This logical name is used to locate a key in a key locator implementation.

See Also
Response receiver
Securing Web services using XML encryption
Configuring the client for response decryption: Decrypting the message parts
Configuring the client for response decryption: Choosing a decryption method
Configuring the client for response digital signature verification: Verifying the message parts
Configuring the client for response digital signature verification: choosing the verification method
Encryption information collection

Signing Information	Specifies the configuration for the signing parameters. Signing information is used to sign and to validate parts of the message including the body and the time stamp. You can also use these parameters for X.509 validation when the authentication method is IDAssertion and the ID type is X509Certificate in the server-level configuration. In such cases, fill in the certificate path fields only.
Encryption Information	Specifies the configuration for the encryption and decryption parameters. Encryption information is used for encrypting and decrypting various parts of a message, including the body and the user name token.
Trust Anchors	Specifies a list of key store objects that contain the trusted root certificates that are self-signed or issued by a certificate authority. The certificate authority authenticates a user and issues a certificate. After the certificate is issued, the key store objects, which contain these certificates, use the certificate for certificate path or certificate chain validation of incoming X.509-formatted security tokens.
Collection Certificate Store	Specifies a list of the untrusted, intermediate certificate files. The collection certificate store contains a chain of untrusted, intermediate certificates.The CertPath API attempts to validate these certificates, which are based on the trust anchor.
Key Locators	Specifies a list of key locator objects that retrieve the keys for a digital signature and encryption from a key store file or a repository. The key locator maps a name or logical name to an alias or maps an authenticated identity to a key. This logical name is used to locate a key in a key locator implementation.