WebSphere WebSphere Application Server Network Deployment, Version 6.0.x Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Configuring secure transmission of SOAP messages using WS-Security

Configure service integration technologies for secure transmission of SOAP messages using tokens, keys, signatures and encryption in accordance with the Web Services Security (WS-Security) specification.

Before you begin

You can configure the service integration bus for secure transmission of SOAP messages using tokens, keys, signatures and encryption in accordance with the Web Services Security (WS-Security) 1.0 specification.

[Version 6.0.2] Alternatively, you can configure the bus in accordance with the previous WS-Security specification, WS-Security Draft 13 (also known as the Web Services Security Core Specification). However, use of WS-Security Draft 13 is deprecated in WebSphere Application Server Version 6, and you should only use it to enable inter-operation between applications running in WebSphere Application Server Version 5 and Version 6, or to allow continued use of an existing Web services client application that has been written to the WS-Security Draft 13 specification.

Why and when to perform this task

To protect a service integration bus-deployed Web service, you can apply the following types of WS-Security resource to the inbound or outbound ports that the service uses:

The configurations resource type specifies the level of security that you require (for example "The body must be signed"), and the bindings resource type provides the information that the run-time environment needs to implement the configuration (for example "To sign the body, use this key"),

When you associate a WS-Security resource with a port, you choose from a list of WS-Security resources that you have previously configured as described in the following topics:

Note: You can associate any binding with any configuration, so you must ensure that you choose a valid combination.
Note: You can also configure various WS-Security binding objects at the cell level, using the administrative console option Security > WS-Security. You can then use these binding objects when configuring bindings for use with your inbound and outbound ports. For example you can use a trust anchor that is defined at cell level when you are defining the signing information for a service integration binding object.

For an overview of how WS-Security is applied to service integration bus-deployed Web services, see Service integration technologies and WS-Security. For detailed information about how WS-Security is implemented in WebSphere Application Server, see Securing Web services applications at the message level (WS-Security). For more information about the WS-Security standard, see the Web Services Security (WS-Security) 1.0 specification.

Related concepts
Service integration technologies and WS-Security
Related tasks
Securing Web services based on WS-Security 1.0
Securing Web services based on WS-Security Draft 13
Administering the SIBus Web services core resources

Task topic

Terms of Use | Feedback

Last updated: 15 Mar 2007
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.pmc.nd.doc\tasks\tjw_wss.html

© Copyright IBM Corporation 2004, 2007. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)