Add or modify the configuration details for a WS-Security configuration
that is configured for use with service integration bus-deployed Web services.
You use WS-Security configurations to secure the SOAP messages that pass between
service requesters (clients) and inbound services, and between outbound services
and target Web services.
Why and when to perform this task
WS-Security configurations specify the level of security that
you require (for example "The body must be signed"). This level of security
is then implemented through the run-time information contained in a WS-Security
binding. You receive the security configuration information direct
from the service requester or target service provider, in the form of an ibm-webservicesclient-ext.xmi file
for the client, and an ibm-webservices-ext.xmi file for the
target Web service, which contain the information on the levels of security
(integrity, confidentiality and identification) that are required. You extract
the information from these .xmi files, then manually enter
it into the WS-Security configuration forms.
Configurations are administered
independently from any Web service that uses them, so you can create a configuration
then apply it to many Web services. However, the security requirements for
an inbound service (which acts as a target Web service) are significantly
different to those required for an outbound service (which acts as a client).
Consequently, configurations are further divided by service type (inbound
or outbound).
To list the WS-Security configurations, and to view and
modify their configuration details, complete the following steps:
Steps for this task
- Start the administrative console.
- In the navigation pane, click . A list of WS-Security configurations is displayed in a WS-Security service configurations collection form.
Each available
configuration is flagged as either Inbound or Outbound.
You use an inbound configuration to secure the SOAP messages that pass between
a service requester (client) and an inbound service (which acts as a target
Web service). You use an outbound configuration to secure the SOAP messages
that pass between an outbound service (which acts as a client) and a target
Web service.
![[Version 6.0.2]](../was602.gif)
Each available configuration is also
flagged as complying with either the
Web Services Security (WS-Security) 1.0
specification or the WS-Security Draft 13 specification.
Deprecation note: The WS-Security Draft 13 specification is deprecated in WebSphere
Application Server Version 6, and you should only use it to enable inter-operation
between applications running in WebSphere Application Server Version 5 and
Version 6, or to allow continued use of an existing Web services client application
that has been written to the WS-Security Draft 13 specification.
- Click the name of a WS-Security configuration in the list. The current settings for this WS-Security configuration are displayed.
- Modify the configuration details for this WS-Security configuration. For detailed reference information about each value that you can set,
click on the associated link in the following table:
- Save your changes to the master configuration.
If the processing completes successfully, the list of WS-Security
configurations is redisplayed. Otherwise, an error message is displayed.