Configure service integration technologies for secure transmission of SOAP messages using tokens, keys, signatures and encryption in accordance with the Web Services Security (WS-Security) specification.
You can configure the service integration bus for secure transmission of SOAP messages using tokens, keys, signatures and encryption in accordance with the Web Services Security (WS-Security) 1.0 specification.
Alternatively, you can configure
the bus in accordance with the previous WS-Security specification, WS-Security
Draft 13 (also known as the Web Services Security Core Specification). However,
use of WS-Security Draft 13 is deprecated in WebSphere Application Server
Version 6, and you should only use it to enable inter-operation between applications
running in WebSphere Application Server Version 5 and Version 6, or to allow
continued use of an existing Web services client application that has been
written to the WS-Security Draft 13 specification.
The configurations resource type specifies the level of security that you require (for example "The body must be signed"), and the bindings resource type provides the information that the run-time environment needs to implement the configuration (for example "To sign the body, use this key"),
When you associate a WS-Security resource with a port, you choose from a list of WS-Security resources that you have previously configured as described in the following topics:
For an overview of how WS-Security is applied to service integration bus-deployed Web services, see Service integration technologies and WS-Security. For detailed information about how WS-Security is implemented in WebSphere Application Server, see Securing Web services applications at the message level (WS-Security). For more information about the WS-Security standard, see the Web Services Security (WS-Security) 1.0 specification.