Network Deployment (Distributed operating systems), v8.0 > Administer applications and their environment > Administer web services - Bus enabled web services > Enable web services through the service integration bus > Create a new WS-Security binding
Modify an existing WS-Security binding
We can add or modify the configuration details for a WS-Security binding that is configured for use with service integration bus-enabled web services. You use WS-Security bindings to secure the SOAP messages that pass between service requesters (clients) and inbound services, and between outbound services and target web services.
WS-Security bindings provide the information that the run-time environment needs to implement the WS-Security configuration (for example "To sign the body, use this key"). You receive this security binding information direct from the service requester or target service provider, in the form of an ibm-webservicesclient-bnd.xmi file for the client, and an ibm-webservices-bnd.xmi file for the target web service. You extract the information from these .xmi files, then manually enter it into the WS-Security bindings forms.
Bindings are administered independently from any web service that uses them, so you can create a binding then apply it to many web services.
To list the WS-Security bindings, and to view and modify their configuration details...
Procedure
- Start the admin console.
- In the navigation pane, click Service integration -> Web services -> WS-Security bindings . A list of WS-Security bindings is displayed in a WS-Security bindings collection form.
Each available binding is flagged as one of the following binding types:
For WS-Security Version 1.0:
- request consumer, for use when consuming requests from a client to an inbound service.
- request generator, for use when generating requests from an outbound service to a target web service.
- response consumer, for use when consuming responses from a target web service to an outbound service.
- response generator, for use when generating responses from an inbound service to a client.
For WS-Security Draft 13:
- request receiver, for use when receiving requests from a client to an inbound service.
- request sender, for use when sending requests from an outbound service to a target web service.
- response receiver, for use when receiving responses from a target web service to an outbound service.
- response sender, for use when sending responses from an inbound service to a client.
Each available binding is also flagged as complying with either the Web Services Security (WS-Security) 1.0 specification or the WS-Security Draft 13 specification.
Use of WS-Security Draft 13 was deprecated in WAS v6.0. Use of WS-Security Draft 13 is deprecated, and you should only use it to allow continued use of an existing web services client application that has been written to the WS-Security Draft 13 specification.
- Click the name of a WS-Security binding in the list. The current settings for this WS-Security binding are displayed.
- Modify the configuration details for this WS-Security binding. For detailed reference information about each value that you can set, click on the associated link in the following tables:
Value references for WS-Security 1.0 bindings. The left hand column of this table lists the value references for the WS-Security 1.0 request consumer, and the right hand column lists the value references for the WS-Security 1.0 request generator.
WS-Security 1.0 request consumer WS-Security 1.0 request generator
- Signing information collection
- Encryption information collection
- Token consumer collection
- Key information collection
- Key locator collection
- Collection certificate store collection
- Trust anchor collection
- Web Services Security property collection
- Signing information collection
- Encryption information collection
- Token generator collection
- Key information collection
- Key locator collection
- Collection certificate store collection
- Properties
Value references for WS-Security 1.0 bindings. The left hand column of this table lists the value references for the WS-Security 1.0 response generator, and the right hand column lists the value references for the WS-Security 1.0 response consumer.
WS-Security 1.0 response generator WS-Security 1.0 response consumer
- Signing information collection
- Encryption information collection
- Token generator collection
- Key information collection
- Key locator collection
- Collection certificate store collection
- Web Services Security property collection
- Signing information collection
- Encryption information collection
- Token consumer collection
- Key information collection
- Key locator collection
- Collection certificate store collection
- Trust anchor collection
- Web Services Security property collection
Value references for Draft 13 WS-Security bindings. The left hand column of this table lists the value references for the WS-Security Draft 13 request receiver, and the right hand column lists the value references for the WS-Security Draft 13 request receiver.
WS-Security Draft 13 request receiver WS-Security Draft 13 request sender
- Signing information collection
- Encryption information collection
- Trust anchor collection
- Collection certificate store collection
- Key locator collection
- Trusted ID evaluator collection
- Login mappings collection
- Signing information collection
- Encryption information collection
- Key locator collection
- Login bindings configuration settings
Value references for Draft 13 WS-Security bindings. The left hand column of the table lists the value references for the WS-Security Draft 13 response sender, and the right hand column lists the value references for the WS-Security Draft 13 response receiver.
WS-Security Draft 13 response sender WS-Security Draft 13 response receiver
- Signing information collection
- Encryption information collection
- Trust anchor collection
- Collection certificate store collection
- Key locator collection
- Save your changes to the master configuration.
Results
If the processing completes successfully, the list of WS-Security bindings is redisplayed. Otherwise, an error message is displayed.
Service integration technologies and WS-Security