You can configure the request and response token policies that
are part of the WS-Security policy using the administrative console. Message
request token policies are applied to requests and enforced on responses
to support both quality and interoperability.
Before you begin
You can configure some settings for the policies within your policy
sets. The default policy sets provided in the product cannot be edited. You
must create a copy of the default policy set or create a completely new policy
set in order to specify the policies for it.
About this task
Use this administrative console task to define policies that specifically
support security tokens and properties.
Depending on your assigned security role
when security is enabled, you might not have access to text entry
fields or buttons to create or edit configuration data. Review the
administrative roles documentation to learn more about the valid roles
for the application server.
Procedure
- Click Services > Policy sets > Application policy sets > policy_set_name >
WS-Security policy.
- Click one of the following links:
  - Main policy or
  - Bootstrap policy
  - Click the Main policy link to specify how message security policies are
    applied to requests and enforced on responses to support interoperability.
  - Click the Bootstrap policy link to configure how secure conversations
    are established. A bootstrap policy might already be configured. If no bootstrap
    policy is currently configured, first ensure that you have enabled message
    security with symmetric signature and encryption policies and secure conversation
    tokens for both integrity and confidentiality protection. See Configuring
    the WS-Security policy.
- Click Request token policies under Request Policies or Response
token policies under Response Policies. Use this panel to define policies
that specify which types of security tokens are supported for the properties
of each token type.
Results
Once you have customized the WS-Security policy with the associated
properties, including the request and response token policies, you can then
send and receive protected messages.