Configure the server for request decryption: decrypting the message parts

Before you begin

Important distinction between V5.x and v6.x applications

Note: The information in this article supports v5.x applications only that are used with WAS v6.x. The information does not apply to v6.0.x applications.

Complete this task to specify which parts of the request message must be decrypted by the server. You must know which parts of the request message the client encrypts because the server must decrypt the same message parts. Prior to completing these steps, read either of the following topics to become familiar with the WS Extensions tab and the WS Binding configurations tab:

Configuring the server security bindings using an assembly tool
Configuring the server security bindings using the administrative console

These two tabs are used to configure the Web services security extensions and Web services security bindings, respectively.

Overview

Complete the following steps to configure the request receiver extensions:

Procedure

Launch an assembly tool. For more information on the assembly tools, see Assembly tools.
Open the J2EE perspective by clicking Window > Open perspective > Other > J2EE.
Click EJB Projects > appname > ejbModule > META_INF.
Right-click the webservices.xml file, and click Open with > Web services editor.
Click the Extensions tab, which is located at the bottom of the Web services editor within the assembly tool.
Expand the Request receiver service configuration details > Required confidentiality section.
Select the parts of the message to decrypt. The message parts selected for the request decryption on the server must match the message parts selected for the message encryption on the client. Click Add and select either of the following message parts:

bodycontent

The user data section of the message.

usernametoken

This token is the basic authentication information.

What to do next

After you specify which parts of the request message to decrypt, specify the method to use decrypt the message. See Configuring the server for request decryption: choosing the decryption method for more information.