View Web services server deployment descriptor
Overview
To view the server deployment descriptor settings...
Applications | Application Types | WebSphere enterprise apps | application_name | Modules | Manage modules | URI_name | Web Services Properties | View Web services server deployment descriptorThis admin console panel applies only to JAX-RPC applications.
WAS ND has three levels of bindings: application-level, server-level, and cell-level. The information in the following implementation descriptions indicate how to configure the application-level bindings. To configure the server-level bindings, which are the defaults...
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-WS and JAX-RPC security runtime
To configure the cell-level bindings...
Request digital signature verification
If the integrity constraints, which require a signature, are defined, verify that you configured the signing information in the binding files.
To configure the signing parameters...
Applications | Application Types | WebSphere enterprise apps | application_name | Modules | Manage modules | URI_name | Web Services Properties | Web services: WAS security bindings | Request receiver binding | Edit | Signing information
To configure the trust anchor...
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-WS and JAX-RPC security runtime | Additional properties | Trust anchorsTo configure the collection certificate store...
Servers > Server Types > WebSphere application servers > server_name | Security | JAX-WS and JAX-RPC security runtime | Additional properties | Collection certificate storeTo configure the key locators...
Go to...
Servers | Server Types | WebSphere application servers | server_name Security | JAX-WS and JAX-RPC security runtime | Additional properties | Key locators
Request decryption
If the confidentiality constraints (encryption) are specified, verify that the encryption information is defined.
To configure the encryption information parameters...
Applications | Application Types | WebSphere enterprise apps | application_name | Modules | Manage modules | URI_name | WS-Security properties | Web services: WAS security bindings | Request receiver binding | Edit | Encryption information
To configure the key locators...
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-WS and JAX-RPC security runtime | Additional properties | Key locators
Basic authentication
If BasicAuth authentication is configured as the required security token, specify the callback handler in the binding file to collect the basic authentication data.
The following list contains callback support implementations:
- com.ibm.wsspi.wssecurity.auth.callback.GuiPromptCallbackHandler
- The implementation prompts for BasicAuth information (user name and password) in an interface panel.
- com.ibm.wsspi.wssecurity.auth.callback.NonPromptCallbackHandler
- This implementation reads the BasicAuth information from the binding file.
- com.ibm.wsspi.wssecurity.auth.callback.StdPromptCallbackHandler
- This implementation prompts for a user name and password using the standard in (stdin) prompt.
To configure the login mapping information...
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-WS and JAX-RPC security runtime | Additional properties | Login mappings
Identity (ID) assertion authentication with the BasicAuth TrustMode
Set a login binding in the bindings file with a com.ibm.wsspi.wssecurity.auth.callback.NonPromptCallbackHandler implementation. Specify a user name and password for basic authentication that a TrustedIDEvaluator on a downstream server trusts.
To configure the login mapping information...
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-WS and JAX-RPC security runtime | Additional properties | Login mappings
Identity (ID) assertion authentication with the signature TrustMode
Set the signing information in the bindings file with a signing key that points to a key locator. The key locator contains the X.509 certificate that is trusted by the downstream server.
To configure the login mapping information...
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-WS and JAX-RPC security runtime | Additional properties | Login mappings
The (JAAS) uses WSLogin as the name of the login configuration. To configure JAAS...
Security | Global security | Authentication | Java Authentication and Authorization Service | Application loginsThe value of the <TrustedIDEvaluatorRef> tag in the binding must match the value of the <TrustedIDEvaluator> name.
To configure the trusted ID evaluators...
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-WS and JAX-RPC security runtime | Additional properties | Trusted ID evaluators
Response signing
If the integrity constraints (digital signature) are defined, verify that we have the signing information configured in the binding files.
To specify the signing information...
Applications | Application Types | WebSphere enterprise apps | application_name | Modules | Manage modules | URI_name | WS-Security properties | Web services: WAS security bindings | Request receiver binding column | Edit | Signing informationTo configure the key locators...
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-WS and JAX-RPC security runtime | Additional properties | Key locators
Response encryption
If the confidentiality constraints (encryption) are specified, verify that the encryption information is defined.
To specify the encryption information...
Applications | Application Types | WebSphere enterprise apps | application_name | Modules | Manage modules | URI_name | WS-Security properties | Web services: Server security bindings | Request receiver binding | Edit | Encryption information
To configure the key locators...
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-WS and JAX-RPC security runtime | Additional properties | Key locators
Related tasks
Migrate JAX-RPC WS-Security applications to V7.0 applications
Related
View Web services client deployment descriptor