+

Search Tips   |   Advanced Search


Configure WS-Security for communication with a Producer

You can configure WS-Security for the communication with a particular Producer portal by specifying the appropriate security profile for each WSRP port type in the Producer configuration on your Consumer portal.

WebSphere Portal v6.1.5 provides three security profiles for the most common scenarios. These scenarios are described in the list below. Additionally, the portal allows you to add custom security profiles if required for your environments. By default, none of the Producer ports specifies a security profile.

LTPA_Token

Security Profile for LTPA token forwarding. This works only if the Consumer and Producer portals share the same user registry and LTPA configuration. The Consumer portal authenticates to the Producer by propagating the LTPA token information in the WS-Security SOAP header.

Username_Token

Security Profile for Username token forwarding. This configuration propagates the clear text user name in the WS-Security SOAP header.

Signed_Username_Token

Security Profile for Username token forwarding including a signature, nonce, and timestamp. The signature signs the security token only and uses the following algorithms according to the WS-I Basic Security Profile 1.0 recommendations:

Transformation

exclusive c14n. Refer to

http://www.w3.org/2001/10/xml-exc-c14n#.

Canonicalization

exclusive c14n. Refer to

http://www.w3.org/2001/10/xml-exc-c14n#.

Digest

sha-1. Refer to

http://www.w3.org/2000/09/xmldsig#sha1.

Signature

rsa-sha1. Refer to

http://www.w3.org/2000/09/xmldsig#rsa-sha1.

The key that is used to encrypt the digest and signature is taken from the default self-signed certificate configuration from the WAS by using the default alias. For more information refer to the URL given under Related information below.

Set the security profiles by either of the following two ways:


Parent topic:

Secure WSRP by WS-Security for a Consumer portal


Next topic:

Creating and deploying custom WS-Security profiles


Related information


http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/csec_ssldefselfsigncertconf.html
http://www.w3.org/2001/10/xml-exc-c14n#
http://www.w3.org/2000/09/xmldsig#sha1
http://www.w3.org/2000/09/xmldsig#rsa-sha1