Defining and managing secure policy set bindings

What to do next

  • Configuring the SSL transport policy

    When working with policy sets in the administrative console, you can customize policies to ensure message security by configuring the SSL transport policy.

  • Transformation of policy and binding assertions for WSDL

    Web Services security does not fully support the OASIS WS-SecurityPolicy Version 1.2 standard. However, several of the policy and binding assertions supported by WebSphere® Application Server can be transformed and represented as WS-SecurityPolicy Version 1.2 assertions. The supported assertions are transformed when a Web Services Description Language (WSDL) or Web Services MetadataExhange (WS-MEX) request is received in a message, and also when the client receives a policy containing WS-SecurityPolicy 1.2 assertions.

  • Securing message parts using the administrative console

    If you are working with policy sets, then you can secure message parts using the administrative console. To secure message parts with WS-Security using policy sets, you must define the elements for the message parts to be protected in the WS-Security policy within a policy set.

  • Signing and encrypting message parts using policy sets

    With Web services, you can sign message parts, encrypt message parts, or both, based on the quality of service defined for a policy set. You can accomplish these actions by defining the binding information in a custom attachment binding.

  • Configuring the callers for general and default bindings

    The caller specifies the token or message part that is used for authentication.

  • Changing the order of the callers for a token or message part

    Specifying a caller in default and general bindings indicates which token or tokens to use to create authentication credentials. When there are multiple tokens on an incoming message, the order of the callers determines which token is used for the credentials. You can rearrange the order of the callers using the administrative console.

  • Policy set bindings settings for WS-Security

    Use this page to view, define or configure general bindings and application specific properties for the WS-Security policy. You can configure the main policy or the secure conversation bootstrap policy by editing the general bindings.

  • Keys and certificates

    Use this page to link to key and certificate binding configuration panels. This panel defines key and certificate bindings for JAX-WS Web services only. These keys and certificates can be centrally managed by the product or in an external keystore.

  • WS-Security authentication and protection

    Use the links on this page to configure authentication, protection, signature, and encryption information that the policy requires.

  • Caller settings

    Use this page to configure the caller settings. The caller specifies the token or message part that is used for authentication.

  • Caller collection

    The caller specifies the token or message part that you want to use for authentication. Use this administrative console page to access, view and configure the caller settings for message parts.

  • Message expiration settings

    Use this page to define settings for message expiration, if and when messages expire. When you specify message expiration, the message expires after the specified interval of time passes.

  • Actor roles settings

    Use this page to define settings for SOAP actor roles. The SOAP actor, also known as the SOAP role, defines the intermediary or ultimate recipient of a message.

Task topic    

Terms of Use | Feedback

Last updated: Oct 21, 2010 5:30:17 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-nd-iseries&topic=container_twbs_wsspssecure
File name: container_twbs_wsspssecure.html