Securing JAX-RPC web services using message-level security

Standards and profiles address how to provide protection for messages that are exchanged in a web service environment.

About this task

To secure web services with WebSphere® Application Server, you must specify several different configurations. Although there is not a specific sequence in which you must specify these different configurations, some configurations reference other configurations. See Web Services Security configuration considerations.

Web service security is supported in the managed web service container. To establish a managed environment and to enforce constraints for Web Services Security, you must perform a Java Naming and Directory Interface (JNDI) lookup on the client to resolve the service reference.

Because of the relationship between the different Web Services Security configurations, it is recommended that you specify the configurations on each level of the configuration in the following order. You can choose to configure Web Services Security for the application level or the server level as it depends upon your environment and security needs.

Procedure

  1. Learn about Web Services Security.
  2. Decide which programming model, JAX-WS or JAX-RPC, works best for securing your web services applications.
  3. Configure Web Services Security.
  4. Specify the application-level configuration.
  5. Specify the server-level configuration.
  6. Specify the cell-level configuration.
  7. Specify the platform-level configuration.
  8. Develop and assemble a JAX-RPC application, or migrate an existing application.
  9. Deploy the JAX-RPC application.

Results

After completing these steps for WebSphere Application Server, you have secured web services.
Task topic    

Terms and conditions for information centers | Feedback

Last updated: April 17, 2014 04:48 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-base-iseries&topic=twbs_securerpc
File name: twbs_securerpc.html