Web Services Security property configuration settings
Configure additional security properties.
We can view a Web Services Security property configuration settings panel at the cell level. Complete the following steps to view one of these administrative console pages:
- Click Security > security runtime.
- Under JAX-RPC Default Generator Bindings or JAX-RPC Default Consumer Bindings, click Properties > New.
Property Name
Name of the property.
Information Value Data type: String
Property Value
Value for the property.
Information Value Data type: String The following table lists the properties that we can configure using the Web Services Security property panels.
Configuration panel name Property name Property value Description JAAS configuration com.ibm.wsspi.wssecurity. token.X509.issuerName Specify the SubjectDN or the IssuerDN of the issuer for the X.509 certificate. Specify the issuer of the certificate in the token consumer component. JAAS configuration com.ibm.wsspi.wssecurity. token.X509.issuerSerial Specify the serial number of the X.509 certificate. Specify the serial number of the certificate in the token consumer component. Key information com.ibm.wsspi.wssecurity. keyinfo.EncodingNS Specify the namespace Uniform Resource Identifier (URI) for the qualified name (QName). Specify the namespace URI part of the QName that represents the encoding method. Properties com.ibm.ws.wssecurity.handler. hardwareCacheEntryRefreshHours Specify a numeric value from 1 to 24 that represents the number of hours that a temporary key is valid. Amount of time before a key is retranslated. Temporary keys outside the keystore typically expire in a short period of time, measured in days or hours. If the server is configured to use a hardware acceleration card, but not the hardware keystore, we can configure it to translate the temporary keys periodically before they expire. If this property is not set, a key will be retranslated after 8 hours. Setting this value to 0 disables retranslation. Request generator and Response generator com.ibm.wsspi.wssecurity. timestamp.SOAPHeaderElement Specify 1 or true. This property is used with the Add nonce option to set the mustUnderstand flag in the deployment descriptor. Request generator and Response generator com.ibm.wsspi.wssecurity. timestamp.dialect
- A WAS special keywords
- An XPath
- A WS-Policy function
The default is dialect-was. See the com.ibm.wsspi.wssecurity Interface Constants for more information about the values that can be specified.
This property is used in conjunction with the com.ibm.wsspi.wssecurity. timestamp.keywordThe property is used to place the timestamp header in a specific position in a message.Signing information com.ibm.wsspi.wssecurity. dsig.dumpPath Path used to locate the output file. Specify an output file for dumping the target UTF-8 binary data before signing and verifying messages. Token generator com.ibm.wsspi.wssecurity. token.username.timestampExpires Specify 1 or true. Specify an expiration date for the user name token. Transform algorithms com.ibm.wsspi.wssecurity. dsig.XPathExpression not(ancestor-or-self::* [namespace-uri()='http://www. w3.org/2000/09/xmldsig#' and local-name()='Signature'])This property is used with this algorithm: http://www.w3.org/TR/1999 /REC-xpath-19991116
Configure the key locator using JAX-RPC for the generator binding on the application level Web Services Security property collection