+

Search Tips   |   Advanced Search

Request sender binding collection


To specify the binding configuration to send request messages for WS-Security.

There is an important distinction between V5.x and Version 6 and later applications. The information in this article supports Version 5.x applications only that are used with WAS V6.0.x and later. The information does not apply to V 6.0.x and later applications.

  1. Click Applications > Application Types > WebSphere enterprise appsapplication_name.

  2. Under Modules, click Manage modules > URI_file_name.

  3. Under WS-Security Properties, click Web services: Client security bindings.

  4. Under Request sender binding, click Edit.

WS-Security namespace

Namespace used by WS-Security to send a request. However, this field configures the namespace value only and does not enforce the semantics of the spec related to the namespace. Web services security uses the processing semantic only in draft 13 of the OASIS specification.

The following schemas are available:

  • http://schemas.xmlsoap.org/ws/2003/06/secext

  • http://schemas.xmlsoap.org/ws/2002/07/secext

  • http://schemas.xmlsoap.org/ws/2002/04/secext

  • None

The namespace used by the response sender is based on the namespace of the incoming message in the request receiver.

Signing information

Configuration for the signing parameters. Signing information is used to sign and validate parts of the message including the body and time stamp.

We can also use these parameters for X.509 validation when the Authentication method is IDAssertion and the ID Type is X509Certificate, in the server-level configuration. In such cases, fill in the Certificate Path fields only.

Encryption information

Configuration for the encrypting and decrypting parameters. Encryption information is used for encrypting and decrypting various parts of a message, including the body and user name token.

Key locators

List of key locator objects that retrieve the keys for digital signature and encryption from a keystore file or a repository. The key locator maps a name or a logical name to an alias or maps an authenticated identity to a key. This logical name is used to locate a key in a key locator implementation.

Login mappings

List of configurations for validating tokens within incoming messages.

Login mappings map the authentication method to the Java™ Authentication and Authorization Service (JAAS) configuration.

To configure JAAS...

  1. Click...

      Security | Global security

  2. Under the Java Authentication and Authorization Service field, select Application logins or System logins.



 

Related concepts


Request sender

 

Related tasks


Set the client for request encryption: Encrypting the message parts
Set the client for request encryption: choosing the encryption method
Set the client for request signing: digitally signing message parts
Set the client for request signing: choosing the digital signature method
Secure Web services for V5.x applications using XML encryption