+

Search Tips   |   Advanced Search

Algorithm mapping configuration settings

View a list of custom uniform resource identifier (URI) algorithms for digest value calculation, signature, key encryption, and data encryption. The application server maps these algorithms to an implementation of the algorithm factory engine interface. With algorithm mappings, service providers can extend the cryptographic algorithms for XML digital signature and XML encryption.

To view this administrative console page on the server level, complete the following steps:

  1. Click Servers > Server Types > WebSphere application servers > server.

  2. Under Security, click security runtime.

    Mixed-version environment: In a mixed node cell with a server using Websphere Application Server version 6.1 or earlier, click Web services: Default bindings for Web Services Security.mixv

  3. Under Additional properties, click Algorithm mappingsalgorithm_factory_engine_class_name.

    The Algorithm mappings feature is not supported when the Use the Federal Information Processing Standard (FIPS) option has been selected on the SSL certificate and key management panel of the administrative console. When this option is selected, the New button in the Algorithm mappings panel is not available.

  4. Click New.

To view this administrative console page on the cell level:

  1. Click Security > JAX-WS and JAX-RPC security runtime, or Services > security runtime.

  2. Under Additional properties, click Algorithm mappings > algorithm_factory_engine_class_name.

  3. Click New.


Algorithm factory engine class

Custom class that implements the factory engine interface.

To use this algorithm mapping feature, specify a custom algorithm class in the Algorithm factory engine class field for digital signature, data encryption, digest value calculation, and key encryption. The algorithm factory engine provides a plug-in point for service providers to provide their implementation for digest value calculation, digital signature, key encryption, and data encryption based on a specified algorithm uniform resource identifier (URI). By clicking Algorithm URI under Additional properties, we can specify the algorithm URI and its usage type. This product supports the following algorithm types:

Message digest

Algorithm URI used for digest value calculation.

Signature

Algorithm URI used for digital signatures including both signing and signature verification.

Data encryption

Algorithm URI used for both encrypting and decrypting data.

Key encryption

Algorithm URI used for both encrypting and decrypting the encryption key.
If the URI is used for multiple usage types, then we must define a mapping of the URI to each usage type. The actual implementation of the algorithm is provided by the custom class that implements the factory engine interface. Refer to the information center documentation on how to implement a factory class.

By clicking Properties under Additional properties, we can specify name-value pair properties for the factory class.

  • Configure token generators using JAX-RPC to protect message authenticity at the server or cell level
  • Algorithm URI collection
  • Algorithm URI configuration settings
  • Algorithm mapping collection