WebSphere Application Server Network Deployment, Version 6.0.x   Operating Systems: AIX, HP-UX, Linux, Solaris, Windows
             [TIP: Focusing the table of contents and search results]

Configuring encryption information for the generator binding with an assembly tool

You can configure the encryption information for the server-side and client-side bindings by using an assembly tool. The request generator is configured for the client, and the response generator is configured for the server.

Before you begin

Prior to completing this task, you must complete the following steps:
  1. Import your application into an assembly tool.

    For information on how to import your application, see Importing enterprise applications.

  2. Specify which message parts to encrypt. For more information, see Encrypting the message elements in generator security constraints with keywords or Encrypting the message elements in generator security constraints with an XPath expression .
  3. Configure the key information that is referenced by the Key information element within the Encryption information dialog window. For more information, see Configuring key information for the generator binding with an assembly tool .

About this task

The encryption information on the generator side is used for encrypting an outgoing SOAP message. You can configure the encryption information for the generator binding by using an assembly tool.

Complete the following steps. You must configure either the client-side bindings in step 2 or the server-side bindings in step 3.

Procedure

  1. Start the assembly tool.
  2. Switch to the Java 2 Platform, Enterprise Edition (J2EE) perspective. Click Window > Open Perspective > J2EE.
  3. Optional: Locate the client-side bindings using the Project Explorer window. The Client Deployment Descriptor window is displayed. This Web service contains the bindings that you must configure. Complete the following steps to locate the client-side bindings:
    1. Expand the Web Services > Client section and double-click the name of the Web service.
    2. Click the WS Binding tab and expand the Security Request Generator Binding Configuration section.
  4. Optional: Locate the server-side bindings using the Project Explorer window. The Web Services Editor window is displayed. This Web service contains the bindings that you must configure. Complete the following steps to locate the server-side bindings:
    1. Expand the Web Services > Services section and double-click the name of the Web service.
    2. Click the Binding Configurations tab and expand the Response Generator Binding Configuration Details section.
  5. Expand the Encryption Information section and click Add to add a new entry or select an existing entry and click Edit. The Encryption Information Dialog window is displayed. Complete the following steps to specify an encryption information configuration:
    1. Specify a name for the encryption information configuration in the Encryption name field. For example, you might specify gen_encinfo.
    2. Optional: Select Show only FIPS Compliant Algorithms if you want only the FIPS compliant algorithms to be shown in the encryption method algorithm drop-down lists. Use this option if you expect this application to run on a WebSphere Application Server that has set the Use Federal Information Processing Standard (FIPS) option in the Global security panel of the administrative console for WebSphere Application Server.
    3. Select a data encryption algorithm from the Data encryption method algorithm field. This specifies the algorithm used to encrypt parts of the message. The following pre-configured algorithms are supported: This algorithm must match the data encryption algorithm that is configured for the consumer. For more information on configuring the encryption information for the consumer, see Configuring encryption information for the consumer binding with an assembly tool .
    4. Select a key encryption algorithm from the Key encryption method algorithm field. This algorithm is used to encrypt the keys. The following pre-configured algorithms are supported:

      Select the blank entry if the data encryption key, which is the key that is used for encrypting the message parts, is not encrypted. The key encryption algorithm for the generator and the consumer must match. For more information on configuring the encryption information for the generator, see Configuring encryption information for the generator binding with an assembly tool .

    5. Specify a name in the Key information name field. For example, you might specify gen_ekeyinfo.
    6. Select a key information element in the Key information element field. The value in this field references the key information configuration that you specified previously. If you have a key information configuration called gen_enckeyinfo that you want to use with this encryption information configuration, specify get_enckeyinfo in the Key information element field. For more information, see Configuring key information for the generator binding with an assembly tool .
    7. Select a confidentiality part in the Confidentiality part field. The value in this field specifies the name of the confidentiality element that is encrypted.
  6. Click OK to save your encryption information configuration.

What to do next

After you complete this task for the consumer binding, you must configure the encryption information for consumer binding. For more information, see Configuring encryption information for the consumer binding with an assembly tool .



Related tasks
Encrypting the message elements in generator security constraints with keywords
Encrypting the message elements in generator security constraints with an XPath expression
Configuring key information for the generator binding with an assembly tool
Configuring encryption information for the consumer binding with an assembly tool
Configuring Web services security while assembling Web services applications
Task topic    

Terms of Use | Feedback

Last updated: Mar 8, 2007 8:14:28 PM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/twbs_specencryptinfogenbind.html

© Copyright IBM Corporation 2004, 2006. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)