Configure the server security bindings using the administrative console
Create an Enterprise JavaBean (EJB) file Java archive (JAR) file or Web archive (WAR) file containing the security binding file (ibm-webservices-bnd.xmi) and the security extension file (ibm-webservices-ext.xmi). If this archive is acting as a client to a downstream service, you also need the client-side binding file (ibm-webservicesclient-bnd.xmi) and the client-side extension file (ibm-webservicesclient-ext.xmi). These files are generated using the WSDL2Java command. You can edit these files using the Web Services Editor in the Assembly Toolkit.
When configuring server-side security for Web services security, the security extensions configuration specifies what security is to be performed while the security bindings configuration indicates how to perform what is specified in the security extensions configuration. Use the defaults for some elements at the cell and server levels in the bindings configuration, including key locators, trust anchors, the collection certificate store, trusted ID evaluators, and login mappings and reference them from the WAR and JAR binding configurations.
The following steps describe how to edit bindings for a Web service after these bindings are deployed on a server. When one Web service communicates with another Web service, you also must configure the client bindings to access the downstream Web service.
- Deploy the Web service using the WAS administrative console. The Administrative Console is accessible by typing http://localhost:9090/admin in a Web browser. After you log into the administration console, click Applications > Install New Application to deploy the Web service. For more information, see Install a new application.
- After you deploy the Web service, click Applications > Enterprise Applications > application _name.
- Under Related Items, click either Web Modules or EJB Modules depending on which service you want to configure.
- If you select Web Modules, click the WAR file that you want to edit.
- If you select EJB Modules, click the JAR file that you want to edit.
- After you select a WAR or JAR file, under Additional Properties, click Web Services: Client Security Bindings for outbound requests and inbound responses. Click Web Services: Server Security Bindings for inbound requests and outbound responses.
- If you click Web Services: Server Security Bindings, the following sections can be configured. These topics are discussed in more detail in other sections of the documentation.
- Request receiver binding
- Signing Information
- Encryption Information
- Trust anchors
- Collection certificate store
- Key locators
- Trusted ID evaluators
- Login mappings
- Response sender binding
See AlsoSecuring Web services using XML digital signature
Configuring the client security bindings using the Assembly Toolkit
Configuring the security bindings on a server acting as a client using the administrative console
Configuring the server security bindings using the Assembly Toolkit