Configuring Web Services Security during application assembly

If we configure Web Services Security with an assembly tool, the Web Services Security binding information is modified

Subtopics

• Configure HTTP outbound transport level security with an assembly tool
  We can configure the HTTP outbound transport level security with an assembly tool.

• Configure HTTP basic authentication for JAX-RPC web services with an assembly tool
  We can configure HTTP basic authentication for JAX-RPC web services with an assembly tool.

• Configure XML digital signature for Version 5.x web services with an assembly tool
  XML digital signature is one of the methods WebSphere Application Server provides to secure the web services. It provides message integrity and authentication capabilities when used with SOAP messages.

• Configure XML encryption for Version 5.x web services with an assembly tool
  XML encryption is one method that WebSphere Application Server provides to secure the web services. It enables you to encrypt an XML element, the content of an XML element, or arbitrary data such as an XML document.

• Configure XML basic authentication for Version 5.x web services with an assembly tool
  With the basic authentication (BasicAuth) authentication method, the request sender generates a BasicAuth security token using a callback handler. The request receiver retrieves the BasicAuth security token from the SOAP message and validates it using a Java™ Authentication and Authorization Service (JAAS) login module. Trust is established by using user name and password validation.

• Configure identity assertion for Version 5.x web services with an assembly tool
  With the identity assertion authentication method, the security token generates a <wsse:UsernameToken> element containing a <wsse:Username> element. On the request sender side, a callback handler is invoked to generate the security token. On the request receiver side, the security token is validated. Trust is established through the use of a security token rather than through user name and password validation.

• Configure signature authentication for Version 5.x web services with an assembly tool
  With the signature authentication method, the request sender generates a signature security token using a callback handler. The security token returned by the callback handler is inserted in the SOAP message. The request receiver retrieves the Signature security token from the SOAP message and validates it using a Java™ Authentication and Authorization Service (JAAS) login module.

• Configure pluggable tokens for Version 5.x web services with an assembly tool
  WebSphere Application Server provides several different methods to secure the web services, including the pluggable token method. To use pluggable tokens to secure the web services, configure both the client request sender and the server request receiver.