In the WebSphere Application Server Network Deployment installation, the ws-security.xml file is at the cell level and defines the default binding information for Web services security for the entire cell. But each application server can have its own ws-security.xml file to override the cell default; similarly, each Web service can override the default in its binding files. The following list contains the defaults defined in ws-security.xml file:
The Web services security run time reads the configuration from the application bindings first, then tries the server-level, and finally tries the cell level. The following figure depicts the run-time configuration process.