Securing web services at the transport level

Transport-level security is a well-known and often used mechanism to secure HTTP Internet and intranet communications. Transport-level security can be used to secure web services messages. Transport-level security functionality is independent from functionality that is provided by message-level security (WS-Security) or HTTP basic authentication. You can use the transport-level security binding to secure the communication between your web service client and web service provider.

Before you begin

The ibm-ws-bnd.xml file must be in the /WEB-INF directory of a web-based web services application (WAR file), or in the /META-INF directory of an EJB-based web service application (JAR file).
Note: If the client is running in the Liberty application client container, the ibm-ws-bnd.xml file must be in the /META-INF directory of the JAR file in the client EAR.

About this task

Transport-level security is based on Secure Sockets Layer (SSL) or Transport Layer Security (TLS) that runs beneath HTTP.

SSL and TLS provide security features including authentication, data protection, and cryptographic token support for secure HTTP connections. To run with HTTPS, the service port address must be in the form https://. The integrity and confidentiality of transport data, including SOAP messages and HTTP basic authentication, is confirmed when you use SSL and TLS.

Liberty uses the Java™ Secure Sockets Extension (JSSE) package to support SSL and TLS. The following security configurations are supported for web services protection in Liberty:
  • Secured HTTP
  • Basic authentication
  • Client certification

Para obtener todos los elementos disponibles que puede configurar en el archivo ibm-ws-bnd.xml, consulte Liberty:El archivo ibm-ws-bnd.xml.


Icono que indica el tipo de tema Tema de tarea



Icono de indicación de fecha y hora Última actualización: Tuesday, 6 December 2016
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=twlp_sec_ws_com
Nombre de archivo:twlp_sec_ws_com.html