Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure web services > Secure web services > Web Services Security concepts > Web Services Security concepts for v5.x applications


Request sender

The security handler on the request sender side of the SOAP message enforces the security constraints, located in the ibm-webservicesclient-ext.xmi file, and bindings, located in the ibm-webservicesclient-bnd.xmi file. These constraints and bindings apply both to Java EE application clients or when web services are acting as a client. The security handler acts on the security constraints before sending the SOAP message. For example, the security handler might digitally sign the message, encrypt the message, create a time stamp, or insert a security token.

There is an important distinction between Version 5.x and v6 and later applications. The information in this article supports v5.x applications only that are used with WAS v6.0.x and later. The information does not apply to v6 and later applications.

The security handler on the request sender side of the SOAP message enforces the security constraints, located in the ibm-webservicesclient-ext.xmi file, and the bindings, located in the ibm-webservicesclient-bnd.xmi file. These constraints and bindings apply both to Java EE application clients or when web services are acting as a client. The security handler acts on the security constraints before sending the SOAP message. Request sender security constraints must match the security constraint requirements defined in the request receiver. For example, the security handler might digitally sign the message, encrypt the message, create a time stamp, or insert a security token. We can specify the following security requirements for the request sender and apply them to the SOAP message:

Integrity (digital signature)

We can select multiple parts of a message to sign digitally. The following list contains the integrity options:

Confidentiality (encryption)

We can select multiple parts of a message to encrypt. The following list contains the confidentiality options:

Security token

We can insert only one token into the message. The following list contains the security token options:

Timestamp

We can have a time stamp to indicate the timeliness of the message.

  • Timestamp


Related


Request sender binding collection
Response sender
Response receiver
Request receiver
Secure web services for v5.x applications using XML encryption

+

Search Tips   |   Advanced Search