Set the request or response token policies
Configure the request and response token policies that are part of the WS-Security policy using the admin console. Message requests token policies are applied to requests and enforced on responses to support both quality and interoperability.
Configure some settings for the policies within the policy sets. The default policy sets provided in WAS cannot be edited. You must create a copy of the default policy set or create a completely new policy set in order to specify the policies for it.
Use this admin console task to define policies that specifically support security tokens and properties.
Depending on the assigned security role when security is enabled, we might not have access to text entry fields or buttons to create or edit configuration data. Review the administrative roles documentation to learn more about the valid roles for the appserver.
- Click Services > Policy sets > Application policy sets > policy_set_name > WS-Security policy.
- Click one of the following links:
- Main policy or
- Bootstrap policy
- Click the Main policy link to specify how message security policies are applied to requests and enforced on responses to support interoperability.
- Click the Bootstrap policy link to configure how secure conversations are established. A bootstrap policy might already be configured. If no bootstrap policy is currently configured, first ensure that we have enabled message security with symmetric signature and encryption policies and secure conversation tokens for both integrity and confidentiality protection. See Configuring the WS-Security policy.
- Click Request token policies under Request Policies or Response token policies under Response Policies. Use this to panel to define policies that specify which types of security tokens are supported for the properties of each token type.
Results
Once we have customized the WS-Security policy with the associated properties, including the request and response token policies, we can then send and receive protect messages.
Request or Response token policies collection
Related tasks
Web services policies
Manage policy sets
Add policies to policy sets
Delete policies from policy sets
Enable policies for policy sets
Disable policies from policy sets
Add and remove policies using wsadmin
Create policy set attachments using wsadmin
Remove policy set attachments using wsadmin
Manage policy set attachments using wsadmin
Set the WS-Security policy
Related
WS-Security policy settings
Transform algorithms settings
Signed part reference default bindings settings
Main policy and bootstrap policy settings
Request or Response token policies collection
Asymmetric signature and encryption policies settings
Symmetric signature and encryption policies settings
Algorithms settings
Message part protection settings
Application policy sets collection
Application policy set settings
Administrative roles