WAS v8.5 > Develop applications > Develop web services - Security (WS-Security) > Configure Web Services Security during application assembly > Configure pluggable tokens for v5.x web services with an assembly toolSecure web services for version 5.x applications using a pluggable token
To use pluggable tokens to secure the web services, configure both the client request sender and the server request receiver. We can configure your pluggable tokens using the WebSphere Application Server dmgr console. There is an important distinction between v5.x and v6.0.x and later applications. The information in this article supports v5.x applications only used with WAS v6.0.x and later. The information does not apply to v6.0.x and later applications.
WAS provides several different methods to secure the web services. A pluggable token is one of these methods. You might secure your Web services using any of the following methods:
- XML digital signature
- XML encryption
- Basicauth authentication
- Identity assertion authentication
- Signature authentication
- Pluggable token
To secure the web services using a pluggable token:
- Generate a security token using the JAAS CallbackHandler interface. The Web Services Security runtime uses the JAAS CallbackHandler interface as a plug-in to generate security tokens on the client side or when web services are acting as a client.
- Configure your pluggable token. For more information, see the following tasks:
Related concepts:
Secure web services
Pluggable token support
LTPA
Related
Configure pluggable tokens using an assembly tool
Configure pluggable tokens
Configure the client for LTPA token authentication: specifying LTPA token authentication
Configure the client for LTPA token authentication: collecting the authentication method information
Configure the server to handle LTPA token authentication information
Configure the server to validate LTPA token authentication information