[Version 5 only]WebSphere Application Server - Express, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Configuring the client security bindings using an assembly tool

Why and when to perform this task

Important distinction between Version 5.x and Version 6.0.x applications
Note: The information in this article supports version 5.x applications only that are used with WebSphere Application Server Version 6.0.x. The information does not apply to version 6.0.x applications.

When configuring a client for Web services security, the bindings describe how to run the security specifications found in the extensions. Use the Web services client editor within an assembly tool to include the binding information in the client enterprise archive (EAR) file.

You can configure the client-side bindings from a pure client accessing a Web service or from a Web service accessing a downstream Web service. This document focuses on the pure client situation. However, the concepts, and in most cases the steps, also apply when a Web service is configured to communicate downstream to another Web service that has client bindings. Complete the following steps to edit the security bindings on a pure client (or server acting as a client) using an assembly tool:

Steps for this task

  1. Import the Web services client EAR file into an assembly tool. When you edit the client bindings on a server acting as a client, the same basic steps apply. Refer to the Assembly tools documentation for additional information.
  2. Click Windows > Open perspective > Other > J2EE.
  3. Click Application Client Projects > application_name > appClientModule > META-INF.
  4. Right-click the application-client.xml file, select Open with > Deployment descriptor editor. The Client Deployment Descriptor is displayed.
  5. Click the WS Extension tab.
  6. On the WS extension tab, select the Port QName Bindings that you want to configure. The Web services security extensions are configured for outbound requests and inbound responses. You need to configure the following information for Web services security extensions. These topics are discussed in more detail in other sections of the documentation.
  7. On the WS binding tab, select the Port Qualified Name Binding that you want to configure. The Web services security bindings are configured for outbound requests and inbound responses. You need to configure the following information for Web services security bindings. These topics are discussed in more details in other sections of the documentation.

What to do next

Important: When configuring the security request sender binding configuration, you must synchronize the information used to perform the specified security with the security request receiver binding configuration, which is configured in the server EAR file. These two configurations must be synchronized in all respects because there is no negotiation during run time to determine the requirements of the server.

For example, when configuring the encryption information in the security request sender binding Configuration, you must use the public key from the server for encryption. Therefore, the key locator that you choose must contain the public key from the server configuration. The server must contain the private key to decrypt the message. This example illustrates the important relationship between the client and server configuration. Additionally, when configuring the security response receiver binding configuration, the server must send the response using security information known by this client security response receiver binding configuration.

The following table shows the related configurations between the client and the server. The client request sender and the server request receiver are relative configurations that must be synchronized with each other. The server response sender and the client response receiver are related configurations that must be synchronized with each other. Note that the related configurations are end points for any request or response. One end point must communicate its actions with the other end point because run time requirements are not negotiated.
Table 1. Related configurations
Client configuration Server configuration
Request sender Request receiver
Response receiver Response sender



Related concepts
Request sender
Request receiver
Response sender
Response receiver

Related tasks
Configuring the security bindings on a server acting as a client using the administrative console
Configuring the server security bindings using an assembly tool
Configuring the server security bindings using the administrative console
Securing Web services for version 5.x applications using XML digital signature

Task topic    

Terms of Use | Feedback

Last updated: Jun 8, 2005 12:45:23 PM EDT
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/twbs_confclsecbndastk.html

© Copyright IBM Corporation 2003, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)