WS-Security authentication and protection for application specific bindings
Use the links on this page to configure authentication, signature, and encryption information that the policy requires when using application specific bindings.
We can configure application specific bindings for tokens and message parts required by the policy set.
To view this administrative console page when we are configuring application specific bindings for tokens and message parts that are required by the policy set:
- Click Applications > Application Types > WebSphere enterprise applications.
- Select an application containing web services. The application must contain a service provider or a service client.
- Click the Service provider policy sets and bindings link or the Service client policy sets and bindings in the Web Services Properties section.
- Select a binding. We must have previously attached a policy set and assigned an application specific binding.
- Click the WS-Security policy in the Policies table.
- Click the Authentication and protection link in the Main message security policy bindings section.
This administrative console page applies only to JAX-WS applications.
Disable implicit protection for Signature Confirmation
Specifies whether implicit protection of the SignatureConfirmation element is enabled or disabled.
The explicitlyProtectSignatureConfirmation attribute in the Web Services Security binding is provided to disable implicit signature and encryption of the SignatureConfirmation element on the response message. If this checkbox is selected, the attribute is added and implicit protection is disabled. This provides interoperability with earlier versions of WebSphere Application Server.
Information Value Default: Not selected (implicit protection is enabled)
Protection tokens - Protection token name
List of protection tokens that can be configured in the Protection tokens table for application specific bindings.
The following actions are available for application specific bindings:
Button Resulting Action Unconfigure Removes the selected protection token from the binding.
Protection tokens - Protection token type
Protection token type for application specific bindings.
Protection tokens - Usage
Policy assertion usage names that we can customize in the Protection tokens table.
For the usage field, the following options are available for the application specific bindings:
- Asymmetric encryption generator
- Asymmetric encryption consumer
- Asymmetric signature generator
- Asymmetric signature consumer
- Symmetric encryption generator
- Symmetric encryption consumer
- Symmetric signature generator
- Symmetric signature consumer
Protection tokens - Status
Status of the protection token when using application specific bindings. The valid values are configured, not configured, or incompatible.
Authentication tokens - Security token reference
List of authentication tokens that we can customize in the Authentication tokens table when using application specific bindings.
The following actions are available for application specific bindings:
Button Resulting Action Unconfigure Removes the selected authentication token from the binding.
Authentication tokens - Authentication token type
Authentication token type for the security token reference when using application specific bindings.
Authentication tokens - Usage
Usage names from the Authentication tokens table for application specific bindings.
The following options are available for application specific bindings:
- Inbound request
- Outbound request
- Inbound response
- Outbound response
Authentication tokens - Status
Status of the authentication token form the Authentication tokens table for application specific bindings. The valid values are configured, not configured, or incompatible.
Request message signature and encryption protection - Request message part reference
Name of the request message part in the policy from the Request message signature and encryption protection table that is protected.
The following actions are available for application specific bindings. The Move up and Move down actions are available only when using Service client policy sets and bindings.
Button Resulting Action Unconfigure Removes the selected request message part from the binding. Move up Moves the selected request message part up in the order. Move down Moves the selected request message part down in the order.
Request message signature and encryption protection - Protection
Type of protection from the Request message signature and encryption protection table. This field displays the type of protection enabled for the application specific binding.
Request message signature and encryption protection - Order
Order in which signatures and encryptions occur when using service client policy sets and bindings. Use the Move up and Move down actions to order the list of protection types in this table.
Request message signature and encryption protection - Status
Status of the request message signature and encryption protection token when using application specific bindings. The valid values are configured, not configured, or incompatible.
Response message signature and encryption protection - Response message part reference
Name of the response message part in the policy from the Response message signature and encryption protection table that is protected.
The following actions are available for application specific bindings. The Move up and Move down actions are available only when using Service provider policy sets and bindings.
Button Resulting Action Unconfigure Removes the selected response message part from the binding. Move up Moves the selected response message part up in the order. Move down Moves the selected response message part down in the order.
Response message signature and encryption protection - Protection
Type of protection enabled from the Response message signature and encryption protection table. This field displays the type of protection enabled for the response message part.
Response message signature and encryption protection - Order
Order in which signatures and encryptions occur when using service provider policy sets and bindings. Use the Move up and Move down actions to order the list of protection types in this table.
Response message signature and encryption protection - Status
Status of the response message signature and encryption protection token when using application specific bindings. The valid values are configured, not configured, or incompatible.
Define and manage policy set bindings Manage policy sets WS-Security authentication and protection Protection token settings (generator or consumer) Authentication generator or consumer token settings WS-Security authentication and protection for general bindings Signed or Encrypted message part settings Callback handler settings for JAX-WS Policy set bindings settings Keys and certificates