Key locator collection

View a list of key locator configurations that retrieve keys from the keystore for digital signature and encryption. A key locator must implement the com.ibm.wsspi.wssecurity.config.KeyLocator interface.

Cell level:

Security > security runtime > Additional properties > Key locators

Server level:

Servers > Server Types > WebSphere application servers > server > Security > security runtime > Additional properties > Key locators

Application level:

Applications > Application Types > WebSphere enterprise applications > application_name > Manage modules > URI_name > Web Services Security Properties.

We can access key locators for the following bindings:

• Request generator...
  Web services: Client security bindings > Request generator (sender) binding > Edit custom > Key locators

• Request consumer:
  Web services: Server security bindings Request consumer (receiver) binding > Edit custom > Key locators

• Response generator, click...
  Web services: Server security bindings Response generator (sender) binding > Edit custom > Key locators

• Response consumer...
  Web services: Client security bindings > Response consumer (receiver) binding > Edit custom > Key locators
1. Under Additional properties, we can access key locators for the following bindings:

   • Request sender:
     Web services: Client security bindings > Request sender binding > Edit > Key locators

   • Request receiver
     Web services: Server security bindings > Request receiver binding > Edit > Key locators

   • Response sender
     Web services: Server security bindings > Response sender binding > Edit > Key locators

   • Response receiver
     Web services: Client security bindings > Response receiver binding > Edit > Key locators

Tip: The bindings for a v6.x. or later application has a link that says Edit custom.

Use this Key locator collection panel, complete the following steps:

1. Specify a key locator name and a key locator class name on the panel.

2. Save changes by clicking Save in the messages section. The administrative console home panel is displayed.

3. After saving our changes, update the Web Services Security run time with the default binding information by clicking Update runtime. When we click Update runtime, the configuration changes made to the other Web services also are updated in the Web Services Security run time.

4. After we define key locators, click the key locator name to specify additional properties and keys under Additional Properties.

Key locator name

Unique name of the key locator.

Key locator class name

Class name of the key locator, which retrieves the key used for digital signing and encryption.

Configure the key locator using JAX-RPC for the generator binding on the application level

Key locator configuration settings