WAS v8.5 > Secure applications > Secure web services > Define and managing secure policy set bindings

Configure SCA web service binding for transport layer authentication

Use this task to configure a web service binding to perform transport-layer HTTP basic authentication.

Before beginning this task, install a Service Component Architecture (SCA) application. Intents and policy sets can be used to configure web service bindings to achieve quality of services (QoS).

  1. Configure administrative and application security for the server.

    To secure the service so that it only accepts secure requests, and for the service to require authentication, administrative and application security must be enabled for the server.

  2. Configure the service binding to require transport-layer authentication by specifying the authentication.transport intent for an OSOA composite, or the clientAuthentication.transport intent for an OASIS composite.

    OSOA example

    <service name="AccountService">   <binding.ws 
         requires="authentication.transport"
         ... /> </service>

    OASIS example

    <service name="AccountService">   <binding.ws 
         requires="clientAuthentication.transport"
         ... /> </service>

  3. Configure the reference binding to send a username and password by attaching a policy set and client policy set binding that includes the HTTPTransport policy type.
    <reference name="AccountService">   <binding.ws 
         qos:wsPolicySet="My HTTP Policy Set"
         qos:wsReferencePolicySetBinding="My HTTP Client Binding"
         ... /> </reference>

    The client policy set binding must be configured with the username and password to send with the request. See "Configuring the HTTP transport binding" for information about how to create a policy set and binding for the HTTP transport.

    For additional information on attaching policy sets to the binding.ws element, refer to "Mapping abstract intents and managing policy sets."


Results

When you finish this task, we have configured the web service binding to do SCA transport layer authentication.

We can proceed to configuring other application specific bindings for the policy sets.


Related


Define and managing policy set bindings
Secure JAX-WS web services using message-level security
Secure web services applications at the transport level
Attaching a policy set to a service artifact
Map SCA abstract intents and managing policy sets
Create application specific bindings for policy set attachment
Configure web services client bindings
Configure default Web Services Security bindings
Configure the HTTP transport policy
Configure the SCA web service binding


+

Search Tips   |   Advanced Search