Use the administrative console to configure the token generator
or token consumer to use a specific level of the WS-SecureConversation
OASIS specification standard. Select one of the two levels of token
types supported: Secure Conversation Token v200502, or Secure Conversation
Token v1.3.
About this task
WebSphere® Application Server supports two
levels of the OASIS standard for WS-SecureConversation including both
the submission draft version (February 2005 draft specification) and
version 1.3 of the standard, which was approved on March 1, 2007.
Using the administrative console, configure the token generator so
that the appropriate token type for a specific level of the standard
is issued when a security token is requested.
Procedure
- Log on to the administrative console and navigate to the
panel where the token generator is configured by clicking or General client policy set bindings.
- Click on the name of the binding you want to edit.
- Click the WS-Security policy in the Policies table.
- Click the Authentication and protection link in
the Main message security policy bindings section.
- Click New token to create a new token generator
or consumer, or click an existing token link from the Protection Tokens
table.
- Enter a token name, then use the Token type drop-down menu
to select a secure conversation token type.
- To specify a submission draft token type, select Secure
Conversation Token v200502.
- To specify a version 1.3 token type, select Secure
Conversation Token v1.3.
- The local name is populated according to the token type
you selected, as follows:
- Local name for the submission draft token type: http://schemas.xmlsoap.org/ws/2005/02/sc/sct
- Local name for the version 1.3 token type: http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512
The URI field is also filled in based on the token type.
- Click to deselect the option Tolerate Secure
Conversation Token v200502 if you want to enforce use
of only the version 1.3 tokens. This option specifies whether
the provider should handle both Secure Conversation Token version
1.3 and Secure Conversation Token v200502. By default, the provider
handles both versions.
- Click Apply to create a secure conversation
token of the selected type.