[Version 5.0.2 and later]Editing the service security configuration

Before you begin

Before you can select the security settings that are applied for an individual Web service, you must configure the gateway security bindings.

Why and when to perform this task

For each Web service, you can select the security settings that are applied between the service requester (the client) and the gateway. These settings are specified for each stage of the transmission:

You receive this security settings information from the service requester and from the target service provider in the following form:

To set the security settings that are applied between the service requester (the client) and the gateway, complete the following steps:

Steps for this task

  1. List the gateway-deployed Web services
  2. Click the name of a Web service in the list.
    A form is displayed that you can use to view and modify the current deployment details for this Web service, and add or remove multiple target services.
  3. In the Service Security section, select the Edit service security configuration option.

    The service security configuration form is displayed. This form is divided into the following sections:

    • Gateway Security Properties (the Actor URI)
    • Client Request Security Properties (integrity, confidentiality and identification settings)
    • Gateway Response Security Properties (the response Actor URI, and integrity and confidentiality settings)
    • Security bindings (request bindings and response bindings).

    The following comments apply to every section:

    • Help is provided in comments on the form, and in hover-help next to each field.
    • There are no required fields.
    • Many fields are populated by making a selection from a list.

  4. In the Gateway Security Properties section, set the Actor URI.

    If you specify an Actor URI, then only SOAP security headers with this Actor URI are processed.

  5. In the Client Request Security Properties section, set the following security levels:
    1. Set the Integrity level.
      Set the parts of the incoming SOAP message that must be signed (the Body, the Timestamp and the Security Token).
    2. Set the Confidentiality level.
      Set the parts of the incoming SOAP message that must be encrypted (the Body and the Username Token).
    3. Set the Identification level.
      Set the identification methods that will be accepted (Basic Authentication , Digital Signature, ID Assertion).
  6. In the Gateway Response Security Properties section, set the following security levels:
    1. Set the Response Actor URI.

      Note: If you specify a Response Actor URI, then the SOAP security header in the response message has this Actor URI.

    2. Set the Integrity level.
      Set the parts of the response SOAP message that must be signed (the Body and the Timestamp).
    3. Set the Confidentiality level.
      Set whether or not the Body of the response SOAP message must be encrypted.
  7. In the Security bindings section, set the Request bindings and the Response bindings to use.

    You choose these bindings (Signing Information, Encryption Information, Trusted ID Evaluator and Login Mappings) from pull-down lists. The available items in these lists are those that you previously entered, as described in Configuring the gateway security bindings.

  8. When you have finished editing the service security configuration, click Apply changes.

Related tasks
Enabling Web Services Security (WS-Security) for the gateway[Version 5.0.2 and later]
Configuring the gateway security bindings[Version 5.0.2 and later]
Editing the target service security configuration[Version 5.0.2 and later]
Troubleshooting the Web services gateway



Searchable topic ID:   twsg_security_wss_requester
Last updated: Jun 21, 2007 8:07:48 PM CDT    WebSphere Business Integration Server Foundation, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.wasee.doc/info/ee/ae/twsg_security_wss_requester.html

Library | Support | Terms of Use | Feedback