Create a new WS-Security binding for use with service integration bus-enabled web services. You use WS-Security bindings to secure the SOAP messages that pass between service requesters (clients) and inbound services, and between outbound services and target web services.
This topic assumes that you have got, from the owning parties, the WS-Security bindings for the client (for an inbound service) and the target web service (for an outbound service).
You can only use WS-Security with web service applications that comply with the Web Services for Java™ Platform, Enterprise Edition (Java EE) or Java Specification Requirements (JSR) 109 specification. For more information, see Web Services Security and Java Platform, Enterprise Edition security relationship. For information about how to make your web service applications JSR-109 compliant, see Implementing JAX-RPC Web services clients or Implementing static JAX-WS Web services clients.
WS-Security bindings provide the information that the run-time environment needs to implement the WS-Security configuration (for example "To sign the body, use this key"), You receive this security binding information direct from the service requester or target service provider, in the form of an ibm-webservicesclient-bnd.xmi file for the client, and an ibm-webservices-bnd.xmi file for the target web service. You extract the information from these .xmi files, then manually enter it into the WS-Security bindings forms.
Bindings are administered independently from any web service that uses them, so you can create a binding then apply it to many web services.
WebSphere Application Server also includes a set of default WS-Security binding objects, as described in Default bindings and runtime properties for Web services security. If you are administering a WebSphere Application Server Network Deployment installation, then the default WS-Security bindings are configured for the cell, and are available for use with bus-enabled web services. However, if you are using either of the single server products WebSphere Application Server or WebSphere Application Server Express, then these default bindings are configured within the application server, and are not available for use with bus-enabled web services.
Unlike most other configuration objects, when you create a WS-Security binding you can only define its basic aspects. To define the binding details you save the new binding, then reopen it for modification as described in Modifying an existing WS-Security binding.
To create a new WS-Security binding, complete the following steps:
You can add or modify the configuration details for a WS-Security binding that is configured for use with service integration bus-enabled web services. You use WS-Security bindings to secure the SOAP messages that pass between service requesters (clients) and inbound services, and between outbound services and target web services.
Delete WS-Security bindings that are configured for use with service integration bus-deployed web services.