WS-Security default policy sets
The WS-Security policy sets are based...
Default policy sets include...
- WSSecurity default policy set
- LTPA WSSecurity policy set
- Username WSSecurity policy
- Kerberos V5 HTTPS default policy set
These default policy sets are used to build secure Web services.
The WS-Security default policy sets use the WS-Security 1.0 spec enhancements to SOAP messaging to provide quality of protection through message integrity, message confidentiality, and single message authentication. Providing quality of protection means to prevent the following potential threats to SOAP messages:
- The message being modified or read by antagonists.
- An antagonist sending messages to a service that are formed correctly, but lack the appropriate security claims to be processed.
The WS-Addressing spec defines XML 1.0 and XML Namespaces elements to identify Web services endpoints and to secure end-to-end endpoint identification in messages.
Use the WSSecurity default policy set, the LTPA WSSecurity policy set, the Username WSSecurity policy set, or the Kerberos V5 HTTPS default policy set as provided with the appserver.
To customize the other WS-Security policy sets, first copy the policy set, and then configure custom policy settings and bindings to meet the needs.
Related concepts
Web services policy sets
Create policy sets