WS-Security: Username

When using the default policy set for WSSecurity, Username, configure the username and password for token authentication separately from the security settings defined in the bindings.

When you install a JAX-WS application and attach the default Username WSSecurity default policy set, the next step is to configure...

• General provider sample binding for the JAX-WS provider

• General client sample binding for the JAX-WS client

The binding file for the default client sample binding does not include a username or password for token authentication. Since the username and password is not available from the target deployed system, specify a valid username and password in the environment using the admin console.

 

1. Log in to the admin console, then click...

   Services | Policy sets | General client.policy set bindings | Client sample | WS-Security

   Add authentication information, such as username and password, to the general client sample bindings for any policy set that uses a Username token or LTPA token, including:

   • Username SecureConversation

   • Username WS-I RSP

   • LTPA SecureConversation

   • LTPA WS-I RSP

   • LTPA WSSecurity default

2. Click Authentication and protection.

3. In the Authentication tokens table, click gen_signunametoken to edit the username token settings.

4. Click Callback handler in the Additional Bindings section.

5. Enter the appropriate username and password information for the environment in the User name and fields.

6. Enter the password a second time in the Confirm field, then click Apply.

7. Repeat steps 5 through 8 for the gen_signltpatoken LTPA token generator.

 

Results

This admin console panel applies only to Java™ API for XML Web Services (JAX-WS) Web services.

 

Related tasks

Secure JAX-WS Web services using message-level security

 

Related

Callback handler settings