Configure custom properties to secure web services

We can configure name-value pairs of data, where the name is a property key and the value is a string value we can use to set internal system configuration properties. Defining a new property enables us to configure a setting beyond that which is available through options in the administrative console.

The Web Services Security custom properties topic gives the following information about each custom property:

• Provides a detailed description of the property
• States the type of data needed to set the property

• Provides a list of possible values
• Lists the default value

Important: Custom properties that we set for the default consumer or default generator bindings take precedence over general custom properties that we set as additional properties. However, custom bindings take precedence over default bindings.

The following steps explain how to set custom properties to secure Web services:

Tasks

• Set custom properties for JAX-RPC applications. We can set custom properties to secure Web services for JAX-RPC applications in multiple locations within the administrative console. We can set these custom properties for the default consumer, default generator, or both bindings. Also, we can set custom properties as general additional properties. Collectively, the default consumer bindings, the default generator bindings, and the additional properties are referred to as the default bindings.
  • Custom bindings

    1. Expand Applications > Application Types.

    2. Click WebSphere enterprise applications > application_name.

    3. Under Modules, click Manage Modules > module_name.

    4. Under Web Services Security Properties, click Web services: Server security bindings or Web services: Client security bindings > Edit custom.

  • Default consumer bindings

    1. Expand Servers > Server types.

    2. Click WebSphere applications servers > server.

    3. Under Security, click security runtime.

    4. Under JAX-RPC Default Consumer Bindings, click Properties.

  • Default generator bindings

    1. Expand Servers > Server types.

    2. Click WebSphere applications servers > server.

    3. Under Security, click security runtime.

    4. Under JAX-RPC Default Generator Bindings, click Properties.

  • Additional properties

    1. Expand Servers > Server types.

    2. Click WebSphere applications servers > server.

    3. Under Security, click security runtime.

    4. Under Custom properties, click Custom properties.

  Order of precedence for custom properties with JAX-RPC applications: Custom properties that we set in the WS-Security extension and custom bindings take precedence over custom properties that we set in the default bindings. Custom properties that we set in the WS-Security bindings take precedence over custom properties that we set in the WS-Security extension. Custom properties that we set in the generator or sender and consumer or receiver bindings take precedence over custom properties that we set in the additional properties.

• Set custom properties for JAX-WS applications. We can set custom properties to secure web services for JAX-WS applications in multiple locations within the administrative console. We can set these custom properties in the custom bindings for an application, in the WS-Security default bindings, or for inbound and outbound messages.
  • Custom bindings for an application

    1. Expand Services > Service clients or Services > Service providers.

    2. Click service_name > binding_name.

    3. Click WS-Security.

    4. Under the Main message security policy bindings heading, click Custom properties.

  • WS-Security default bindings

    1. Expand Services > Policy sets .

    2. Click General provider policy set bindings or General client policy set bindings > binding_name > WS-Security.

    3. Under Main Message Security Policy Bindings, click Custom properties.

  • Inbound and outbound custom properties

    1. Expand Services > Policy sets.

    2. Click Default policy set bindings.

    3. Under the Policy heading, click WS-Security.

    4. Under the Main message security policy bindings heading, click Custom properties.

    See Inbound and outbound custom properties topic.

  Alternatively, we can set these properties as parameters or inbound binding properties for our JAX-WS application using wsadmin.sh. The following WS-Security policy type property names are used in the setBinding function:

  • application.parameters
  • application.securityinboundbindingconfig.properties
  • application.securityoutboundbindingconfig.properties

  Custom properties for policy set bindings can not be set using the Web Services Security API. The custom properties must be set using the administrative console.

Subtopics

• Web services security custom properties
  We can configure name-value pairs of data, where the name is a property key and the value is a string value we can use to set internal system configuration properties. Defining a new property enables us to configure a setting beyond that which is available through options in the administrative console.
• Web services security generic security token login module custom properties
  When we configure a generic security token login module, we can configure name-value pairs of data, where the name is a property key and the value is a string value we can use to set internal system configuration properties. Use these configuration properties, along with the options provided in the administrative console, to control how the token is generated or consumed.
• Web services security SAML token custom properties
  When we configure a web services security SAML token, we can configure name-value pairs of data, where the name is a property key and the value is a string value we can use to set internal system configuration properties. Use these configuration properties, along with the options provided in the administrative console, to control how the SAML token is generated or consumed.