Important distinction between Version 5.x and Version 6.0.x applications
Note: The
information in this article supports version 5.x applications only that are
used with WebSphere Application Server Version 6.0.x. The information does not
apply to version 6.0.x applications.
In the WebSphere Application Server,
each application server has a copy of the
ws-security.xml file, which
defines the default binding information for Web services security. The following
list contains the defaults defined in the
ws-security.xml file:
- Trust anchors
- Identifies the trusted root certificates for signature verification.
- Collection certificate stores
- Contains certificate revocation lists (CRLs) and nontrusted certificates
for verification.
- Key locators
- Locates the keys for digital signature and encryption.
- Trusted ID evaluators
- Evaluates the trust of the received identity before identity assertion.
- Login mappings
- Contains the Java Authentication and Authorization Service (JAAS) configurations
for AuthMethod token validation.
If the Web services security constraints specified in
the deployment descriptors and the required bindings are not defined in the
bindings file, the default constraints in the ws-security.xml file
are used.
When you use the addNode command, the ws-security.xml file
is added with the server configuration to the new cell. The following figure
shows the activity when you use the addNode command.
Figure 1. Configuration
when using the addNode command