+

Search Tips   |   Advanced Search

Response generator (sender) binding settings


To specify the binding configuration for the response generator or response sender. following steps:

  1. Click Applications > Application Types > WebSphere enterprise apps > application_name.

  2. Click Manage modules.

  3. Click the URI.

  4. Under WS-Security Properties, click Web services: WAS security bindings.

  5. Under Response generator (sender) binding, click Edit custom.

Depending on the assigned security role when security is enabled, we might not have access to text entry fields or buttons to create or edit configuration data. Review the administrative roles documentation to learn more about the valid roles for the appserver.

The security constraints or bindings are defined using the application assembly process before the application is installed.

If the security constraints are defined in the application, either define the corresponding binding information or select the Use defaults option on this panel and use the default binding information for the cell level or the server-level. The default binding that is provided by this product is a sample. Do not use this sample in a production environment without modifying the configuration. The security constraints define what is signed or encrypted in the WS-Security message. The bindings define how to enforce the requirements.

 

Digital signature security constraint (integrity)

The following table shows the required and optional binding information when the digital signature security constraint (integrity) is defined in the deployment descriptor.


Table 1. Binding information for digital signature constraints

Information type Required or optional
Signing information Required
Key information Required
Key locators Optional
Collection certificate store Optional
Token generator Optional
Properties Optional

Use the key locators and the collection certificate store defined at either the cell level or the server-level.

 

Encryption constraint (confidentiality)

The following table shows the required and optional binding information when the encryption constraint (confidentiality) is defined in the deployment descriptor.


Table 2. Binding information for encryption constraints

Information type Required or optional
Encryption information Required
Key information Required
Key locators Optional
Collection certificate store Optional
Token generator Optional
Properties Optional

Use the key locators and the collection certificate store defined at either the cell level or the server-level.

 

Security token constraint

The following table shows the required and optional binding information when the security token constraint is defined in the deployment descriptor.


Table 3. Binding information for security token constraints

Information type Required or optional
Token generator Required
Collection certificate store Optional
Properties Optional

Use the collection certificate store that is defined at either the cell level or the server-level.

Use defaults

Select this option to use the default binding information from the cell or server level.

If we select this option, the appserver checks for binding information on the server level. If the binding information does not exist on the server level, the appserver checks the cell level.

Port

Port number in the Web service that is defined during application assembly.

Web service

Name of the Web service that is defined during application assembly.





 

Related tasks


Set token generators using JAX-RPC to protect message authenticity at the application level

 

Related


Request generator (sender) binding settings
Request consumer (receiver) binding settings
Response consumer (receiver) binding settings