Request sender binding collection

Use this page to specify the binding configuration to send request messages for Web services security. Important distinction between V5.x and v6.x applications

Note: The information in this article supports v5.x applications only that are used with WAS v6.x. The information does not apply to v6.0.x applications.

To view this administrative console page, complete the following steps:

  1. Click Applications > Enterprise applications > appname.

  2. Under Related items, click EJB modules or Web modules > URI_file_name

  3. Under Additional properties, click Web services: Client security bindings.

  4. Under Request sender binding, click Edit.

Web services security namespace

Namespace that is used by Web services security to send a request. However, this field configures the namespace value only and does not enforce the semantics of the specification related to the namespace. Web services security uses the processing semantic only in draft 13 of the OASIS specification. The following schemas are available:

  • http://schemas.xmlsoap.org/ws/2003/06/secext

  • http://schemas.xmlsoap.org/ws/2002/07/secext

  • http://schemas.xmlsoap.org/ws/2002/04/secext

  • None

The namespace used by the response sender is based on the namespace of the incoming message in the request receiver.

Signing information

Specifies the configuration for the signing parameters. Signing information is used to sign and validate parts of the message including the body and time stamp.

We can also use these parameters for X.509 validation when the Authentication method is IDAssertion and the ID Type is X509Certificate, in the server-level configuration. In such cases, fill in the Certificate Path fields only.

Encryption information

Specifies the configuration for the encrypting and decrypting parameters. Encryption information is used for encrypting and decrypting various parts of a message, including the body and user name token.

Key locators

Specifies a list of key locator objects that retrieve the keys for digital signature and encryption from a keystore file or a repository. The key locator maps a name or a logical name to an alias or maps an authenticated identity to a key. This logical name is used to locate a key in a key locator implementation.

Login mappings

Specifies a list of configurations for validating tokens within incoming messages.

Login mappings map the authentication method to the Java Authentication and Authorization Service (JAAS) configuration.

To configure JAAS, complete the following steps:

  1. Click Security > Global security.

  2. Under Authentication, click JAAS Configuration.


 

See Also


Request sender

 

Related Tasks


Configuring the client for request encryption: Encrypting the message parts
Configuring the client for request encryption: choosing the encryption method
Configuring the client for request signing: digitally signing message parts
Configuring the client for request signing: choosing the digital signature