WAS v8.5 > Reference > Configuration file descriptionsDefault configuration for WAS
For JAX-RPC applications, each application server, in WebSphere Application Server, uses a copy of the ws-security.xml file to define the default binding information for Web Services Security.
There is an important distinction between v5.x and v6.0.x applications. The information in this article supports v5.x applications only used with WAS v6.0.x and later. The information does not apply to v6.0.x and later applications.
In the WAS, each application server has a copy of the ws-security.xml file, which defines the default binding information for Web Services Security. The following list contains the defaults defined in the ws-security.xml file:
- Trust anchors
- Identifies the trusted root certificates for signature verification.
- Collection certificate stores
- Contains certificate revocation lists (CRLs) and non-trusted certificates for verification.
- Key locators
- Locates the keys for digital signature and encryption.
- Trusted ID evaluators
- Evaluates the trust of the received identity before identity assertion.
- Login mappings
- Contains the JAAS configurations for AuthMethod token validation.
If the Web Services Security constraints specified in the deployment descriptors and the required bindings are not defined in the bindings file, the default constraints in the ws-security.xml file are used.
When we use the addNode command, the ws-security.xml file is added with the server configuration to the new cell. The following figure shows the activity when we use the addNode command.
Figure 1. Configuration when using the addNode command
Related concepts:
Trust anchors
Collection certificate store
Key locator
Trusted ID evaluator
Login mappings