Key locator collection

To view a list of key locator configurations that retrieve keys from the keystore for digital signature and encryption. A key locator must implement the com.ibm.wsspi.wssecurity.config.KeyLocator interface.

To view the admin console panel for the key locator collection on the cell level...

1. Click Security > JAX-WS and JAX-RPC security runtime.

2. Under Additional properties, click Key locators.

To view this admin console page for the key locator collection on the server level...

1. Click Servers > Server Types > WebSphere application servers > server_name.

2. Under Security, click JAX-WS and JAX-RPC security runtime.

   In a mixed node cell with a server using Websphere Application Server version 6.1 or earlier, click Web services: Default bindings for WS-Security

3. Under Additional properties, click Key locators.

To use this admin console page for the key locator collection on the application level...

1. Click Applications > Application Types > WebSphere enterprise apps > application_name.

2. Click Manage modules > URI_name.

3. Under WS-Security Properties, we can access key locators for the following bindings:

   • For the Request generator, click Web services: Client security bindings. Under Request generator (sender) binding, click Edit custom > Key locators.

   • For the Request consumer, click Web services: WAS security bindings. Under Request consumer (receiver) binding, click Edit custom > Key locators.

   • For the Response generator, click Web services: WAS security bindings. Under Response generator (sender) binding, click Edit custom > Key locators.

   • For the Response consumer, click Web services: Client security bindings. Under Response consumer (receiver) binding, click Edit custom > Key locators.

4. Under Additional properties, we can access key locators for the following bindings:

   • For the Request sender, click Web services: Client security bindings. Under Request sender binding, click Edit > Key locators.

   • For the Request receiver, click Web services: WAS security bindings. Under Request receiver binding, click Edit > Key locators.

   • For the Response sender, click Web services: Server security bindings. Under Response sender binding, click Edit > Key locators.

   • For the Response receiver, click Web services: Client security bindings. Under Response receiver binding, click Edit > Key locators.

Tip: The bindings for a version 5.x application has a link that says Edit and the bindings for a V6.0.x. or later application has a link that says Edit custom. This is quick reference to determine which application version that we are configuring.

Using this Key locator collection panel...

1. Specify a key locator name and a key locator class name on the panel.

2. Save the changes by clicking Save in the messages section at the top of the admin console. The admin console home panel is displayed.

3. After saving the changes, update the WS-Security run time with the default binding information by clicking Update runtime. When you click Update runtime, the configuration changes made to the other Web services also are updated in the WS-Security run time.

4. After you define key locators, click the key locator name to specify additional properties and keys under Additional Properties.

Key locator name

Unique name of the key locator.

Key locator class name

Class name of the key locator, which retrieves the key used for digital signing and encryption.

---

 

Related tasks

Set the key locator using JAX-RPC for the generator binding on the application level

 

Related

Key locator settings