Use this page to specify the binding configuration to send request messages for Web services security.
Specifies the configuration for the signing parameters. Signing information is used to sign and validate parts of the message including the body and time stamp.
You can also use these parameters for X.509 validation when the Authentication method is IDAssertion and the ID Type is X509Certificate, in the server-level configuration. In such cases, you must fill in the Certificate Path fields only.
Specifies the configuration for the encrypting and decrypting parameters. Encryption information is used for encrypting and decrypting various parts of a message, including the body and user name token.
Specifies a list of key locator objects that retrieve the keys for digital signature and encryption from a keystore file or a repository. The key locator maps a name or a logical name to an alias or maps an authenticated identity to a key. This logical name is used to locate a key in a key locator implementation.
Specifies a list of configurations for validating tokens within incoming messages.
Login mappings map the authentication method to the Java Authentication and Authorization Service (JAAS) configuration.
Related concepts
Request sender
Related tasks
Configuring the client for request encryption: Encrypting the message
parts
Configuring the client for request encryption: choosing the encryption
method
Configuring the client for request signing: digitally signing message
parts
Configuring the client for request signing: choosing the digital signature
method
Securing Web services for version 5.x applications using XML encryption