Before you begin
Important: There is an important distinction between
Version 5.x and Version 6 and later applications. The information
in this article supports Version 5.x applications only that
are used with WebSphere Application Server Version 6.0.x and
later. The information does not apply to Version 6.0.x and
later applications.
WebSphere Application Server
provides several different methods to secure your Web services. XML
encryption is one of these methods. You can secure your Web services
using any of the following methods:
- XML digital signature
- XML encryption
- Basicauth authentication
- Identity assertion authentication
- Signature authentication
- Pluggable token
About this task
XML encryption enables you to encrypt an XML element, the
content of an XML element, or arbitrary data such as an XML document.
Like XML digital signature, a message is sent by the client as the
request sender to the server as the request receiver. The response
is sent by the server as the response sender to the client as the
request receiver. Unlike XML digital signature, which verifies the
authenticity of the sender, XML encryption scrambles the message content
using a key, which can be unscrambled by a receiver that possesses
the same key. You can use XML encryption in conjunction with XML digital
signature to scramble the content while verifying the authenticity
of the message sender.
To use XML encryption to secure Web services,
you must use an assembly tool. For more information, see the related
information on Assembly Tools.
To securing Web services for
Version 5.x applications using XML encryption, complete the
following steps: