+

Search Tips   |   Advanced Search

Request consumer (receiver) binding configuration settings

Use this page to specify the binding configuration for the request consumer. To view this console page:

  1. Click Applications > Application Types > WebSphere enterprise applicationsapplication_name.

  2. Click Manage modules.

  3. Click the Uniform Resource Identifier (URI).

  4. Under Web Services Security Properties, click Web services: Server security bindings.

  5. Under Request consumer (receiver) binding, click Edit custom.

Depending on the assigned security role when security is enabled, you might not have access to text entry fields or buttons to create or edit configuration data. Review the administrative roles documentation to learn more about the valid roles for the application server.

The security constraints or bindings are defined using the application assembly process before the application is installed.

(zos) An assembly tool is not available on the z/OS platform.

If the security constraints are defined in the application, you must either define the corresponding binding information or select the Use defaults option on this panel and use the default binding information for the cell or server level. The default binding provided by this product is a sample. Do not use this sample in a production environment without modifying the configuration. The security constraints define what is signed or encrypted in the Web Services Security message. The bindings define how to enforce the requirements.


Digital signature security constraint (integrity)

The following table shows the required and optional binding information when the digital signature security constraint (integrity) is defined in the deployment descriptor.

information for digital signature security constraints. The
Information type Required or optional
Signing information Required
Key information Required
Token consumer Required
Key locators Optional
Collection certificate store Optional
Trust anchors Optional
Properties Optional
We can use the key locators, collection certificate stores, and trust anchors defined at either the server level or the cell level.


Encryption constraint (confidentiality)

The following table shows the required and optional binding information when the encryption constraint (confidentiality) is defined in the deployment descriptor.

information for encryption constraints. The binding information
Information type Required or optional
Encryption information Required
Key information Required
Token consumer Required
Key locators Optional
Collection certificate store Optional
Trust anchors Optional
Properties Optional
We can use the key locators, collection certificate store, and trust anchors defined at either the server level or the cell level.


Security token constraint

The following table shows the required and optional binding information when the security token constraint is defined in the deployment descriptor.

constraints. The binding information is used for signing
Information type Required or optional
Token consumer Required
Collection certificate store Optional
Trust anchors Optional
Properties Optional
We can use the collection certificate store and trust anchors defined at the server level or the cell level.


Use defaults

Select this option to use the default binding information from the server or cell level.

If we select this option, the application server checks for binding information on the server level. If the binding information does not exist on the server level, the application server checks the cell level.


Port

Port in the web service defined during application assembly.


Web service

Name of the web service defined during application assembly.


Related tasks

  • Configure token consumers using JAX-RPC to protect message authenticity at the application level

    Request generator (sender) binding configuration settings

    Response generator (sender) binding configuration settings

    Response consumer (receiver) binding configuration settings