Web services security property configuration settings

Web services security property configuration settings

Use this page to configure additional security properties. To view the Web services security property configuration settings panel...
Security | Web services | Default generator bindings or Default consumer bindings Properties | New

Property Name

Name of the property.

Data type: String

Property Value

Specify the value for the property.

Data type: String

The following table lists the properties that you can configure by using the Web services security property panels.

Configuration panel name Property name Property value Description

JAAS configuration com.ibm.wsspi.wssecurity.token.X509.issuerName SubjectDN or the IssuerDN of the issuer for the X.509 certificate. Issuer of the certificate in the token consumer component.
JAAS configuration com.ibm.wsspi.wssecurity.token.X509.issuerSerial serial number of the X.509 certificate. Serial number of the certificate in the token consumer component.
Key information com.ibm.wsspi.wssecurity.keyinfo.EncodingNS namespace URI for the qualified name (QName). Namespace URI part of the QName that represents the encoding method.
Properties com.ibm.ws.wssecurity.handler.hardwareCacheEntryRefreshHours Specify a numeric value from 1 to 24 that represents the number of hours that a temporary key is valid. Amount of time before a key is retranslated. Temporary keys outside the keystore typically expire in a short period of time, measured in days or hours. If the server is configured to use a hardware acceleration card, but not the hardware keystore, you can configure it to translate the temporary keys periodically before they expire. If this property is not set , a key will be retranslated after 8 hours. Setting this value to 0 disables retranslation.
Request generator and Response generator com.ibm.wsspi.wssecurity.timestamp.SOAPHeaderElement Specify 1 or true. This property is used with the Add nonce option to set the mustUnderstand flag in the deployment descriptor.
Request generator and Response generator com.ibm.wsspi.wssecurity.timestamp.dialect
Signing information com.ibm.wsspi.wssecurity.dsig.dumpPath path used to locate the output file. Output file for dumping the target UTF-8 binary data before signing and verifying messages.
Token generator com.ibm.wsspi.wssecurity.token.username.timestampExpires Specify 1 or true. Expiration date for the user name token.
Transform algorithms com.ibm.wsspi.wssecurity.dsig.XPathExpression
not(ancestor-or-self::* [namespace-uri()= 'http://www.w3.org/2000 /09/xmldsig#' and local-name()='Signature'])
This property is used with this algorithm:
http://www.w3.org/TR/1999/REC-xpath-19991116

Related tasks

Configure the key locator using JAX-RPC for the generator binding on the application level

Related Reference
Web services security property collection

Reference topic

Configuration panel name	Property name	Property value	Description
JAAS configuration	com.ibm.wsspi.wssecurity.token.X509.issuerName	SubjectDN or the IssuerDN of the issuer for the X.509 certificate.	Issuer of the certificate in the token consumer component.
JAAS configuration	com.ibm.wsspi.wssecurity.token.X509.issuerSerial	serial number of the X.509 certificate.	Serial number of the certificate in the token consumer component.
Key information	com.ibm.wsspi.wssecurity.keyinfo.EncodingNS	namespace URI for the qualified name (QName).	Namespace URI part of the QName that represents the encoding method.
Properties	com.ibm.ws.wssecurity.handler.hardwareCacheEntryRefreshHours	Specify a numeric value from 1 to 24 that represents the number of hours that a temporary key is valid.	Amount of time before a key is retranslated. Temporary keys outside the keystore typically expire in a short period of time, measured in days or hours. If the server is configured to use a hardware acceleration card, but not the hardware keystore, you can configure it to translate the temporary keys periodically before they expire. If this property is not set , a key will be retranslated after 8 hours. Setting this value to 0 disables retranslation.
Request generator and Response generator	com.ibm.wsspi.wssecurity.timestamp.SOAPHeaderElement	Specify 1 or true.	This property is used with the Add nonce option to set the mustUnderstand flag in the deployment descriptor.
Request generator and Response generator	com.ibm.wsspi.wssecurity.timestamp.dialect
Signing information	com.ibm.wsspi.wssecurity.dsig.dumpPath	path used to locate the output file.	Output file for dumping the target UTF-8 binary data before signing and verifying messages.
Token generator	com.ibm.wsspi.wssecurity.token.username.timestampExpires	Specify 1 or true.	Expiration date for the user name token.
Transform algorithms	com.ibm.wsspi.wssecurity.dsig.XPathExpression	not(ancestor-or-self::* [namespace-uri()= 'http://www.w3.org/2000 /09/xmldsig#' and local-name()='Signature'])	This property is used with this algorithm: http://www.w3.org/TR/1999/REC-xpath-19991116