The Web services security programming model provides application programming interfaces (WSS API) for securing the SOAP message. The WSS API model is based on Web Services Security Version 1.1 standards but also includes support for Web Services Security Version 1.0.
The token processing and pluggable token architecture in the Web service security run time has been redesign to reuse the same Security Token interface and the JAAS Login Module as those used for the WSS APIs.
The following table lists the WSS API interfaces that are provided with WebSphere® Application Server and used to configure signing and encryption information in the SOAP bindings for the generator and consumer bindings.
WSS API interfaces | Description |
---|---|
WSSDecryption | Package: com.ibm.websphere.wssecurity.wssapi.decryption This
interface is responsible for specifying decryption. The default values
for decryption include:
|
WSSDecryptPart | Package: com.ibm.websphere.wssecurity.wssapi.decryption This
interface is responsible for adding decrypted parts, as needed. If
specified, the default values for decrypted parts include:
|
WSSEncryption | Package: com.ibm.websphere.wssecurity.wssapi.encryption This
interface is responsible for the encryption component. The default
values for encryption include:
|
WSSEncryptPart | Package: com.ibm.websphere.wssecurity.wssapi.encryption This
interface is responsible for adding encrypted parts, as needed. If
specified, the default values for encrypted parts include:
|
WSSSignature | Package: com.ibm.websphere.wssecurity.wssapi.signature This
interface is responsible for specifying the signature. The default
values for signature include:
|
WSSSignPart | Package: com.ibm.websphere.wssecurity.wssapi.signature This
interface is responsible for adding signed parts, as needed. If specified,
the default values for signed parts include:
|
WSSVerification | Package: com.ibm.websphere.wssecurity.wssapi.verification This
interface is responsible for specifying the signature verification.
The default values for verification include:
|
WSSVerifyPart | Package: com.ibm.websphere.wssecurity.wssapi.verification This
interface is responsible for adding verify parts, as needed. If specified,
the default values for verify parts include:
|
Also see the information about pre-configured generator and consumer tokens.