Get WS-Security information from the owning parties
Use this task to learn how to obtain the WS-Security configurations for the client (for an inbound service) and the target web service (for an outbound service).
You get, from the owning parties, the WS-Security configurations for the client (for an inbound service) and the target web service (for an outbound service). This information is found in the following files on the owners systems:
- Key stores (.ks, .jks and .jceks files).
- Certificate stores (.cer files).
- Security settings (the ibm-webservicesclient-ext.xmi file for the client, and the ibm-webservices-ext.xmi file for the web service).
- Binding information - for example the location of a keystore file on the file system (the ibm-webservicesclient-bnd.xmi file for the client, and the ibm-webservices-bnd.xmi file for the Web service).
If the client is hosted on WebSphere Application Server, and the Web Service Security settings are created using IBM web services tooling (for example IBM Rational Application Developer), then the files that contain the security settings and binding information have the exact file names (*.xmi) noted previously. For clients and web services from other vendors, these files have different file names.
We must copy the key store and certificate store files to the WAS file system, and enter and configure (as WS-Security bindings and configurations) the security settings contained in the .xmi files. There are tools available (for example IBM Rational Application Developer) that can parse the .xmi files for you.
Related:
Service integration technologies and WS-Security Overview of standards and programming models for web services message-level security Secure web services applications using the WSS APIs at the message level