Use this page to configure the nonce settings at the server level and to manage the default bindings for trust anchors, the collection certificate store, key locators, trusted ID evaluators, and login mappings.
To view this administrative console page, click Servers > Application Servers > server_name. Under Additional Properties, click Web Services: Default bindings for Web Services Security.
Read the Web services documentation before you begin defining the default bindings for Web services security.
To define the server bindings, complete the following steps:
To define the client bindings, complete the following steps:
The default binding configuration provides a central location where reusable binding information is defined. The application binding file can reference the information contained in the default binding configuration.
The certificate authority authenticates a user and issues a certificate. After the certificate is issued, the keystore objects, which contain these certificates, use the certificate for certificate path or certificate chain validation of incoming X.509-formatted security tokens.
The collection certificate store contains a chain of untrusted, intermediate certificates. The CertPath API attempts to validate these certificates based on the trust anchor.
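The relationship between the trust anchors and the collection certificate store can be seen with the standard Java CertPath API (`java.security.cert`). This is an added example, not WebSphere's own code. The class name and the four file arguments (trust store, its password, a PEM file of intermediates, the PEM certificate taken from the token) are assumptions, and it needs Java 9 or later.

```java
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.ArrayList;
import java.util.List;

public class CertPathCheck {
    // Assumed arguments: <trust-store file> <store password> <intermediates.pem> <token-cert.pem>
    public static void main(String[] args) throws Exception {
        // Trust anchors: the trusted root certificates held in a keystore.
        KeyStore anchors = KeyStore.getInstance(new File(args[0]), args[1].toCharArray());

        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        List<Certificate> pool = new ArrayList<>();
        X509Certificate tokenCert;
        try (InputStream in = new FileInputStream(args[2])) {
            pool.addAll(cf.generateCertificates(in)); // untrusted intermediates
        }
        try (InputStream in = new FileInputStream(args[3])) {
            tokenCert = (X509Certificate) cf.generateCertificate(in);
        }
        pool.add(tokenCert);

        // Collection certificate store: path-building candidates, never trusted on their own.
        CertStore collection =
            CertStore.getInstance("Collection", new CollectionCertStoreParameters(pool));

        X509CertSelector target = new X509CertSelector();
        target.setCertificate(tokenCert);

        PKIXBuilderParameters params = new PKIXBuilderParameters(anchors, target);
        params.addCertStore(collection);
        params.setRevocationEnabled(false); // example runs offline; no CRL/OCSP source configured

        try {
            PKIXCertPathBuilderResult result =
                (PKIXCertPathBuilderResult) CertPathBuilder.getInstance("PKIX").build(params);
            System.out.println("Chain valid, anchored at: "
                + result.getTrustAnchor().getTrustedCert().getSubjectX500Principal());
            for (Certificate c : result.getCertPath().getCertificates()) {
                System.out.println("  " + ((X509Certificate) c).getSubjectX500Principal());
            }
        } catch (CertPathBuilderException e) {
            System.out.println("Rejected: no path to a trust anchor: " + e.getMessage());
            System.exit(1);
        }
    }
}
```

A certificate that appears only in the collection store, with no chain ending at an entry in the trust store, is rejected. Adding an intermediate to the collection store therefore does not extend trust.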
The trusted ID evaluators are used to authenticate additional identities from one server to another server. For example, a client sends the identity of user A to server 1 for authentication. Server 1 calls downstream to server 2, asserts the identity of user A, and includes the user ID and password of server 1. Server 2 attempts to establish trust with server 1 by authenticating its user ID and password and checking the trust based on the TrustedIDEvaluator implementation. If the authentication process and the trust check are successful, server 2 trusts that server 1 authenticated user A, and a credential is created for user A on server 2 to invoke the request.
Login mappings map the authentication method to the Java Authentication and Authorization Service (JAAS) configuration.
To configure JAAS, use the administrative console and click Security > JAAS Configuration.