You can configure the request and response token policies
that are part of the WS-Security policy using the administrative console.
Message request token policies are applied to requests and enforced
on responses to support both quality and interoperability.
Before you begin
You can configure some settings for the policies within your
policy sets. The default policy sets provided in the product cannot
be edited. You must create a copy of the default policy set or create
a completely new policy set in order to specify the policies for it.
About this task
Use this administrative console task to define policies
that specifically support security tokens and properties.
Depending on your assigned security role
when security is enabled, you might not have access to text entry
fields or buttons to create or edit configuration data. Review the
administrative roles documentation to learn more about the valid roles
for the application server.
Procedure
- Click Services > Policy sets > Application policy
sets > policy_set_name > WS-Security policy.
- Click one of the following links:
  - Main policy or
  - Bootstrap policy
- Click the Main policy link to specify how message security policies
are applied to requests and enforced on responses to support interoperability.
- Click the Bootstrap policy link to configure how secure conversations
are established. A bootstrap policy might already be configured. If
no bootstrap policy is currently configured, first ensure that you
have enabled message security with symmetric signature and encryption
policies and secure conversation tokens for both integrity and confidentiality
protection. See Configuring the WS-Security policy.
- Click Request token policies under Request Policies
or Response token policies under Response Policies. Use this
panel to define policies that specify which types of security tokens
are supported for the properties of each token type.
Results
Once you have customized the WS-Security policy with the associated
properties, including the request and response token policies, you
can then send and receive protected messages.