Configuring XML basic authentication for Version 5.x web services with an assembly tool
With the basic authentication
(BasicAuth) authentication
method, the request sender generates a BasicAuth security token using
a callback handler. The request receiver retrieves the BasicAuth security
token from the SOAP message and validates it using a Java™ Authentication
and Authorization Service (JAAS) login module. Trust is established
by using user name and password validation.
Configuring identity assertion for Version 5.x web services with an assembly tool
With the identity assertion
authentication method, the
security token generates a <wsse:UsernameToken> element that contains
a <wsse:Username> element. On the request sender side, a callback
handler is invoked to generate the security token. On the request
receiver side, the security token is validated. Trust
is established through the use of a security token rather than through
user name and password validation.
Configuring signature authentication for Version 5.x web services with an assembly tool
With the signature authentication
method, the request sender
generates a signature security token using a callback handler. The
security token returned by the callback handler is inserted in the
SOAP message. The request receiver retrieves the Signature security
token from the SOAP message and validates it using a Java™ Authentication
and Authorization Service (JAAS) login module.
Configuring pluggable tokens for Version 5.x web services with an assembly tool WebSphere® Application Server provides several
different
methods to secure your web services, including the pluggable token
method. To use pluggable tokens to secure your web services, you must
configure both the client request sender and the server request receiver.