Map Securing JAX-RPC web services using message-level security

Standards and profiles address how to provide protection for messages that are exchanged in a web service environment.

Before you begin

Best practice Best practice: IBM® WebSphere® Application Server supports the Java API for XML-Based Web Services (JAX-WS) programming model and the Java API for XML-based RPC (JAX-RPC) programming model. JAX-WS is the next generation web services programming model extending the foundation provided by the JAX-RPC programming model. Using the strategic JAX-WS programming model, development of web services and clients is simplified through support of a standards-based annotations model. Although the JAX-RPC programming model and applications are still supported, take advantage of the easy-to-implement JAX-WS programming model to develop new web services applications and clients. bprac

About this task

To secure web services with WebSphere Application Server, you must specify several different configurations. Although there is not a specific sequence in which you must specify these different configurations, some configurations reference other configurations. See Web Services Security configuration considerations.

Web service security is supported in the managed web service container. To establish a managed environment and to enforce constraints for Web Services Security, you must perform a Java Naming and Directory Interface (JNDI) lookup on the client to resolve the service reference.

Because of the relationship between the different Web Services Security configurations, it is recommended that you specify the configurations on each level of the configuration in the following order. You can choose to configure Web Services Security for the application level or the server level as it depends upon your environment and security needs.

Procedure

  1. Learn about Web Services Security.
  2. Decide which programming model, JAX-WS or JAX-RPC, works best for securing your web services applications.
  3. Configure Web Services Security.
  4. Specify the application-level configuration.
  5. Specify the server-level configuration.
  6. Specify the platform-level configuration.
  7. Develop and assemble a JAX-RPC application, or migrate an existing application.
  8. Deploy the JAX-RPC application.

Results

After completing these steps for WebSphere Application Server, you have secured web services.



In this information ...


Related concepts
Related tasks

(Index)

IBM Redbooks, demos, education, and more


Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.



Terms of Use | Feedback

Last updated: Sep 19, 2011 6:13:59 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-express-dist&topic=twbs_securerpc
File name: twbs_securerpc.html