+

Search Tips   |   Advanced Search

Configure SCA web service binding for transport layer authentication

Use this task to configure a web service binding to perform transport-layer HTTP basic authentication.

Before beginning this task, install a Service Component Architecture (SCA) application.

Intents and policy sets can be used to configure web service bindings to achieve quality of services (QoS).

  1. Configure administrative and application security for the server.

    To secure the service so that it only accepts secure requests, and for the service to require authentication, administrative and application security must be enabled for the server.

  2. Configure the service binding to require transport-layer authentication by specifying the authentication.transport intent for an OSOA composite, or the clientAuthentication.transport intent for an OASIS composite.

    OSOA example

    <service name="AccountService">
      <binding.ws       requires="authentication.transport"
         ... />
    </service>

    OASIS example

    <service name="AccountService">
      <binding.ws       requires="clientAuthentication.transport"
         ... />
    </service>

  3. Configure the reference binding to send a username and password by attaching a policy set and client policy set binding that includes the HTTPTransport policy type.
    <reference name="AccountService">
      <binding.ws       qos:wsPolicySet="My HTTP Policy Set"
         qos:wsReferencePolicySetBinding="My HTTP Client Binding"
         ... />
    </reference>

    The client policy set binding must be configured with the username and password to send with the request. See "Configuring the HTTP transport binding" for information about how to create a policy set and binding for the HTTP transport.

    For additional information on attaching policy sets to the binding.ws element, refer to "Mapping abstract intents and managing policy sets."


Results

When you finish this task, we have configured the web service binding to do SCA transport layer authentication.


What to do next

We can proceed to configuring other application specific bindings for the policy sets.


Related tasks

  • Define and manage policy set bindings
  • Secure JAX-WS web services using message-level security
  • Secure web services applications at the transport level
  • Attaching a policy set to a service artifact
  • Mapping SCA abstract intents and managing policy sets
  • Create application specific bindings for policy set attachment
  • Configure web services client bindings
  • Configure default Web Services Security bindings
  • Configure the HTTP transport policy
  • Configure the SCA web service binding