Why and when to perform this task
When configuring a client for Web services security, the bindings describe how to run the security specifications found in the extensions. Use the Web Services Client Editor within the WebSphere Application Server Toolkit to include the binding information in the client enterprise archive (EAR) file.You can configure the client-side bindings from a pure client accessing a Web service or from a Web service accessing a downstream Web service. Complete the following steps to find the location in which to edit the client bindings from a Web service that is running on the server. When a Web service communicates with another Web service, you must configure client bindings to access the downstream Web service.
Steps for this task
For Web services security, you must edit the request sender binding and response receiver binding configurations. You can use the defaults for some of the information at the server level . Default bindings are convenient because you can configure commonly reused elements such as key locators once and then reference their aliases in the application bindings.
What to do next
Note: When configuring the security request sender binding configuration, you must synchronize the information used to perform the specified security with the security request receiver binding configuration, which is configured in the server EAR file. These two configurations must be synchronized in all respects because there is no negotiation during run time to determine the requirements of the server. For example, when configuring the encryption information in the security request sender binding configuration, you must use the public key from the server for encryption. Therefore, the key locator that you choose must contain the public key from the server configuration. The server must contain the private key to decrypt the message. This example illustrates the important relationship between the client and server configuration. Additionally, when configuring the security response receiver binding configuration, the server must send the response using security information known by this client security response receiver binding configuration.
The following table
shows the related configurations between the client and the server. The client
request sender and the server request receiver are relative configurations
that must be synchronized with each other. The server response sender and
the client response receiver are related configurations that must be synchronized
with each other. Note that related configurations are end points for any
request or response. One end point must communicate its actions with the
other end point because run time requirements are not required.
Client configuration | Server configuration |
---|---|
Request sender | Request receiver |
Response receiver | Response sender |