Key locator collection

Use this page to view a list of key locator configurations that retrieve keys from the keystore for digital signature and encryption. A key locator must implement the com.ibm.wsspi.wssecurity.config.KeyLocator interface.

To view the administrative console panel for the key locator collection on the cell level, complete the following steps:

1. Click Security > Web services.

2. Under Additional properties, click Key locators.

To view this administrative console page for the key locator collection on the server level, complete the following steps:

1. Click Servers > Application servers > servername.

2. Under Security, click Web services: Default bindings for Web services security.

3. Under Additional properties, click Key locators.

To use this administrative console page for the key locator collection on the application level, complete the following steps:

1. Click Applications > Enterprise applications > appname.

2. Under Related items, click EJB modules or Web modules > URI_name.

3. Under Additional properties, one can access key locators for the following bindings:

   • For the Request generator, click Web services: Client security bindings. Under Request generator (sender) binding, click Edit custom > Key locators.

   • For the Request consumer, click Web services: Server security bindings. Under Request consumer (receiver) binding, click Edit custom > Key locators.

   • For the Response generator, click Web services: Server security bindings. Under Response generator (sender) binding, click Edit custom > Key locators.

   • For the Response consumer, click Web services: Client security bindings. Under Response consumer (receiver) binding, click Edit custom > Key locators.

4. Under Additional properties, one can access key locators for the following bindings:

   • For the Request sender, click Web services: Client security bindings. Under Request sender binding, click Edit > Key locators.

   • For the Request receiver, click Web services: Server security bindings. Under Request receiver binding, click Edit > Key locators.

   • For the Response sender, click Web services: Server security bindings. Under Response sender binding, click Edit > Key locators.

   • For the Response receiver, click Web services: Client security bindings. Under Response receiver binding, click Edit > Key locators.

Tip: The bindings for a v5.x application has a link that says Edit and the bindings for a v6.0.x.x application has a link that says Edit custom. This is quick reference to determine which application version you are configuring.

Using this Key locator collection panel, complete the following steps:

1. Specify a key locator name and a key locator class name on the panel.

2. Save your changes by clicking Save in the messages section at the top of the administrative console. The administrative console home panel is displayed.

3. After saving your changes, update the Web services security run time with the default binding information by clicking Update runtime. When you click Update runtime, the configuration changes made to the other Web services also are updated in the Web services security run time.

4. After you define key locators, click the key locator name to specify additional properties and keys under Additional Properties.

Key locator name

Specifies the unique name of the key locator.

Key locator class name

Specifies the class name of the key locator, which retrieves the key that is used for digital signing and encryption.

---

 

---