Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure web services
Define and managing secure policy set bindings
- Configure the SSL transport policy
When working with policy sets in the administrative console, you can customize policies to ensure message security by configuring the SSL transport policy.
- Configure web service binding for SCA transport layer authentication
Use this task to specify abstract intents in the Service Component Architecture (SCA) composite file to achieve a quality of service for a service or reference. These intents must be mapped to policy sets that can satisfy the intents during deployment.
- Transformation of policy and binding assertions for WSDL
Web Services Security does not fully support the OASIS WS-SecurityPolicy v1.2 standard. However, several of the policy and binding assertions supported by WAS can be transformed and represented as WS-SecurityPolicy v1.2 assertions. The supported assertions are transformed when a WSDL or Web Services Metadata Exchange (WS-MEX) request is received in a message, and also when the client receives a policy containing WS-SecurityPolicy 1.2 assertions.
- Secure message parts
If you are working with policy sets, then you can secure message parts .
To secure message parts with WS-Security using policy sets, define the elements for the message parts to be protected in the WS-Security policy within a policy set.
- Signing and encrypting message parts using policy sets
With web services, you can sign message parts, encrypt message parts, or both, based on the quality of service defined for a policy set. We can accomplish these actions by defining the binding information in a custom attachment binding.
- Configure the callers for general and default bindings
The caller specifies the token or message part used for authentication.
- Change the order of the callers for a token or message part
Specify a caller in default and general bindings indicates which token or tokens to use to create authentication credentials. When there are multiple tokens on an incoming message, the order of the callers determines which token is used for the credentials. We can rearrange the order of the callers .
- Configure web service binding to use SSL
Use this task to specify abstract intents in the Service Component Architecture (SCA) composite file to achieve a quality of service for secure connection using SSL. The default SCA composite file is called default.composite and it is located in the META-INF level of the application structure. These intents must be mapped to policy sets that can satisfy the intents during deployment.
- Configure web service binding for LTPA authentication
Use this task to configure a web service binding to perform authentication using Lightweight Third-Party Authentication (LTPA) tokens.
- Policy set bindings settings for WS-Security
Use this page to view, define or configure general bindings and application specific properties for the WS-Security policy. We can configure the main policy or the secure conversation bootstrap policy by editing the general bindings.
- Keys and certificates
Use this page to link to key and certificate binding configuration panels. This panel defines key and certificate bindings for JAX-WS web services only. These keys and certificates can be centrally managed by the product or in an external keystore.
- WS-Security authentication and protection
Use the links on this page to configure authentication, protection, signature, and encryption information that the policy requires.
- Caller settings
Use this page to configure the caller settings. The caller specifies the token or message part used for authentication.
- Caller collection
The caller specifies the token or message part that you want to use for authentication. Use this administrative console page to access, view and configure the caller settings for message parts.
- Message expiration settings
Use this page to define settings for message expiration, if and when messages expire. When you specify message expiration, the message expires after the specified interval of time passes.
- Actor roles settings
Use this page to define settings for SOAP actor roles. The SOAP actor, also known as the SOAP role, defines the intermediary or ultimate recipient of a message.