View Web services client deployment descriptor
Use this page to view your client deployment descriptor.
To view this administrative console page, complete the following steps...
- Click Applications > Enterprise Applications > appname.
- Under Related Items, click Web Modules > URI_file_name > View Web Services Client Deployment Descriptor.
Application-level and server-level bindings are the two levels of bindings that WAS offers. Application-level, server-level, and cell-level are the three levels of bindings that WAS Network Deployment offers. The information in the following implementation descriptions indicates how to configure your application-level bindings. If the Web server is acting as a client, the default bindings are used. To configure the server-level bindings, which are the defaults, complete the following steps...
- Click Servers > Application Servers > server_name.
- Under Related Items, click Web Services: Default bindings for Web Services Security.
- To configure the cell-level bindings, click Security > Web Services.
If you are using any of the following configurations, verify that the deployment descriptor is configured properly...
- Request signing
- Request encryption
- BasicAuth authentication
- Identity (ID) Assertion authentication
- Identity (ID) Assertion authentication with the signature TrustMode
- Response digital signature verification
- Response decryption
Request signing
If the integrity constraints (digital signature) are specified, verify that you configured the signing information in the binding files.
To configure the signing parameters, complete the following steps...
- Click Applications > Enterprise Applications > appname.
- Under Related Items, click Web Modules > URI_file_name Web Services: Client Security Bindings .
- In the Response Receiver Binding column, click Edit > Signing Information > New.
To configure the key locators, complete the following steps...
- Click Servers > Application Servers > server.
- Under Additional Properties, click Web Services: Default bindings for Web Services Security > Key Locators.
Request encryption
If the confidentiality constraints (encryption) are specified, verify that you configured the encryption information in the binding files.
To configure the encryption parameters, complete the following steps...
- Click Applications > Enterprise Applications > appname.
- Under Related Items, click Web Modules > URI_file_name > Web Services: Client Security Bindings .
- In the Response Receiver Binding column, click Edit > Encryption Information > New.
To configure the key locators, complete the following steps...
- Click Servers > Application Servers > server.
- Under Additional Properties, click Web Services: Default bindings for Web Services Security > Key Locators.
BasicAuth authentication
If BasicAuth authentication is configured as the required security token, specify the CallbackHandler in the binding file to collect the basic authentication data. The following list contains the CallBack support implementations...
com.ibm.wsspi.wssecurity.auth.callback.GuiPromptCallbackHandler This implementation prompts for BasicAuth information (user name and password) in an interface.
com.ibm.wsspi.wssecurity.auth.callback.NonPromptCallbackHandler This implementation reads the BasicAuth information from the binding file.
com.ibm.wsspi.wssecurity.auth.callback.StdPromptCallbackHandler This implementation prompts for a user name and password using the standard in (stdin) prompt. To configure the login binding information, complete the following steps...
- Click Applications > Enterprise Applications > appname.
- Under Related Items, click Web Module > URI_file_name > Web Services: Client Security Bindings.
- Under Request Sender Bindings, click Edit > Login Binding.
Identity (ID) Assertion authentication with BasicAuth TrustMode
Configure a login binding in the bindings file with a com.ibm.wsspi.wssecurity.auth.callback.NonPromptCallbackHandler implementation. Specify a BasicAuth user ID and password that a TrustedIDEvaluator on a downstream server trusts.
To configure the login binding information, complete the following steps...
- Click Applications > Enterprise Applications > appname.
- Under Related Items, click Web Module > URI_file_name> Web Services: Client Security Bindings.
- Under Request Sender Bindings, click Edit > Login Binding.
Identity (ID) Assertion authentication with the Signature TrustMode
Configure the signing information in the bindings file with a signing key pointing to a key locator. The key locator contains the X.509 certificate that is trusted by the downstream server.
To configure ID assertion, complete the following steps...
- Click Servers > Application Servers > server.
- Under Additional Properties, click Web Services: Default bindings for Web Services Security > Login Mappings > IDAssertion.
To configure the login binding information, complete the following steps...
- Click Applications > Enterprise Applications > appname.
- Under Related Items, click Web Module > URI_file_name > Web Services: Client Security Bindings.
- Under Request Sender Bindings, click Edit > Login Binding.
Response digital signature verification
If the integrity constraints (signature required) are defined, verify that you configured the signing information in the binding files.
To configure the signing parameters, complete the following steps...
- Click Applications > Enterprise Applications > appname.
- Under Related Items, click Web Modules > URI_file_name > Web Services: Client Security Bindings .
- In the Response Receiver Binding column, click Edit > Signing Information > New.
To configure the trust anchors, complete the following steps...
- Click Servers > Application Servers > server.
- Under Additional Properties, click Web Services: Default bindings for Web Services Security > Trust Anchors > New.
To configure the collection certificate store, complete the following steps...
- Click Servers > Application Servers > server.
- Under Additional Properties, click Web Services: Default bindings for Web Services Security > Collection Certificate Store > New.
Response decryption
If the confidentiality constraints (encryption) are specified, verify that you defined the encryption information.
To configure the encryption information, complete the following steps...
- Click Applications > Enterprise Applications > appname.
- Under Related Items, click Web Modules > <URI_file_name > Web Services: Client Security Bindings .
- In the Response Receiver Binding column, click Edit > Encryption Information > New.
To configure the key locators, complete the following steps...
- Click Servers > Application Servers > server.
- Under Additional Properties, click Web Services: Default bindings for Web Services Security > Key Locators.
See Also
Configurations
Web services: default bindings for the Web services security collection