Configure the username and password for WS-Security Username or LTPA token authentication

When using the Username WSSecurity default policy set, configure the username and password for username token authentication separately from the security settings defined in the bindings.

When we install a JAX-WS application and attach the default Username WSSecurity default policy set, the next step is to configure the general provider sample binding for the JAX-WS provider, and the general client sample binding for the JAX-WS client. However, the binding file for the default client sample binding does not include a username or password for token authentication. Since the username and password is not available from the target deployed system, we must specify a valid username and password in the environment using the administrative console.

Tasks

1. Log in to the administrative console, then click Services > Policy sets > General client.policy set bindings.

2. Click Client sample to edit the binding.

3. Click WS-Security.

   Add basic authentication information, such as username and password, to the general client sample bindings for any policy set that uses a Username token or LTPA token, including:

   • Username SecureConversation

   • Username WS-I RSP
   • LTPA SecureConversation
   • LTPA WS-I RSP
   • LTPA WSSecurity default

4. Click Authentication and protection.

5. In the Authentication tokens table, click gen_signunametoken to edit the username token settings.

6. Click Callback handler in the Additional Bindings section.

7. Enter the appropriate username and password information for the environment in the User name and Password fields.

8. Enter the password a second time in the Confirm Password field, then click Apply.
9. Repeat steps 5 through 8 for the gen_signltpatoken LTPA token generator.

This administrative console panel applies only to JAX-WS web services.

Callback handler settings for JAX-WS