+

Search Tips   |   Advanced Search

Set WS-Security using JAX-RPC at the platform level


In the platform configuration, general properties and additional properties can be specified, and the default binding is included. We can configure security for Web services at a platform level with a variety of tasks including configuring key locators, trust anchors, and the collection certificate at the generator, consumer binding, and sever levels.

Best practice: IBM WAS supports the JAX-WS model and the JAX-RPC model. JAX-WS is the next generation Web services model extending the foundation provided by the JAX-RPC model. Using the strategic JAX-WS model, development of Web services and clients is simplified through support of a standards-based annotations model. Although the JAX-RPC model and applications are still supported, take advantage of the easy-to-implement JAX-WS model to develop new Web services applications and clients. bprac

Besides the application-level constraints, there is a cell-level and server-level WS-Security (WSS) configuration called a platform-level configuration:

Therefore, binding configuration files can be specified at these levels: application, server, and cell. Each binding configuration overrides the next higher one. For any deployed application, the nearest configuration binding is applied. The visibility scope of the binding depends on where the file is located. If the binding is defined in an application, its visibility is scoped to that particular application. If it is located at the server level, the visibility scope is all applications that are deployed on that server. For ND, if it is located at the cell level, the visibility scope is all applications deployed on all servers of the cell.

To ensure WS-Security at the platform level, we can configure:

 

 

Results

By completing these steps, we have configured WS-Security at the platform level.


Set a nonce on the server or cell level
Distributing nonce caching to servers in a cluster
Set the key locator using JAX-RPC for the generator binding on the application level
Set the key locator using JAX-RPC for the consumer binding on the application level
Set the key locator using JAX-RPC on the server or cell level
Set trust anchors for the generator binding on the application level
Set trust anchors for the consumer binding on the application level
Set trust anchors on the server or cell level
Set the collection certificate store for the generator binding on the application level
Set the collection certificate store for the consumer binding on the application level
Set the collection certificate on the server or cell level
Set trusted ID evaluators on the server or cell level
rrdSecurity.props file

 

Related tasks


Secure JAX-RPC Web services using message level security