+

Search Tips   |   Advanced Search

ws-security.xml file - Default configuration for WAS ND

For JAX-RPC applications, WebSphere Application Server, Network Deployment installation uses the ws-security.xml file to define the default binding information for Web Services Security for an entire cell.

In the WAS ND installation, the ws-security.xml file is at the cell level and defines the default binding information for Web Services Security for the entire cell. But each application server can have its own ws-security.xml file to override the cell default; similarly, each web service can override the default in its binding files. The following list contains the defaults defined in ws-security.xml file:

Trust anchors

Identifies the trusted root certificates for signature verification.

Collection certificate stores

Contains certificate revocation lists (CRLs) and non-trusted certificates for verification.

Key locators

Locates the keys for digital signature and encryption.

Trusted ID evaluators

Evaluates the trust of the received identity before identity assertion.

Login mappings

Contains the JAAS configurations for AuthMethod token validation.

The Web Services Security run time reads the configuration from the application bindings first, then tries the server-level, and finally tries the cell level. The following figure depicts the runtime configuration process.

Figure 1. Runtime configuration


Related:

  • Default binding
  • Trust anchors
  • Collection certificate store
  • Key locator
  • Trusted ID evaluator
  • Login mappings