Trust service attachments collection
Use this page to view information about or manage system policy set attachments and bindings. Endpoints with at least one operation directly attached to a policy set are displayed.
This page displays each endpoint that has at least one operation that is directly attached to a system policy set. The operations for other endpoints inherit the trust service default policy set and binding data. You can click New Attachment to create explicit attachments for endpoints not displayed, or click Attach to change the policy set for an operation. Changing the system policy set for an operation removes the binding data for that operation, and resets that data to the system default binding settings. You can also click Assign Binding to create a new binding configuration or change the existing binding configuration for the selected operation.
To view this administrative console page, click
.根據啟用安全時所指派的安全角色而定,您可能會有建立或編輯配置資料之文字輸入欄位或按鈕的存取權。 請檢閱管理角色說明文件,以進一步瞭解應用程式伺服器的有效角色。
Show confirmation for update runtime command
Specifies whether to enable or disable the display of the confirmation window before the Web Services Security runtime configuration is updated for supported tokens, targets, and trust service attachments.
Click Preferences to expand the information. You can select or clear the Show confirmation for update runtime command check box. If you do not select this check box, updates to the security runtime configuration are made without first displaying a confirmation window. If you select the check box, the confirmation window is displayed before updates to the security runtime configuration are made.
Information | Value |
---|---|
Data type: | Check box |
Default: | Enabled (check box is selected) |
Retain filter criteria
Specifies whether to retain the filter criteria.
Click Preferences to expand the information. You can select or deselect the Retain filter criteria check box. This check box determines whether Endpoint URL is used as the filter criteria to reduce the displayed list of endpoints.
Information | Value |
---|---|
Data type: | String |
Default: | All (check box is not selected) |
Search terms
Specifies the search criteria to use to reduce the displayed list of endpoints.
Click Preferences to expand the information. Type the search term you want to use in the Search terms field. Use the asterisk (*) as a wildcard character for all terms. You can also search for multiple unknown or partial characters within the term. For example, typing the search term par* returns partly, participate, partial, and all other terms beginning with the letters par.
Information | Value |
---|---|
Data type: | String |
Default: | * (search for all) |
Select
Specifies that you want to select an existing resource, such as an endpoint or an operation, for further actions.
For existing endpoints, select the check box next to an operation, and then select one of the following actions:
Actions | Description |
---|---|
Attach | Displays a list of policy sets that are available to be attached to an endpoint operation (cancel, reset, validate, or issue) or to one of the trust service default operations. Highlight and click the policy set to attach the policy set to the selected operation. You cannot attach a policy set to an endpoint. |
Inherit operation defaults | Detaches the currently attached policy set and binding for each selected operation and sets the operation to inherit the trust service default policy set and binding for each operation. |
Assign binding | Lists the bindings that are available to select for the policy set to which you want to attach the binding. You can also create a new binding.
Multiple selection is valid only when all the resources have the same policy set attached. |
New attachment
Specifies that you want to create an explicit policy set attachment.
Click New Attachment to access a new panel where you can enter an endpoint URL to create attachments for each of the four endpoint operations of the provided URL. Initially, the attachment consists of the policy set and binding that are listed as the Trust Service Default for that operation.
Information | Value |
---|---|
Data type: | Button |
Update runtime
Updates the trust service configuration for any changed attachments, targets, and token information.
If the Show confirmation for update runtime command preference is enabled, then a panel is displayed where you can confirm that you want to update the trust service configuration. If the preference is disabled, the trust service configuration is updated immediately without any confirmation.
Information | Value |
---|---|
Data type: | Button |
Service endpoint URL / Operation
Displays a list of the trust service default operation attachments and every service endpoint URL that has at least one operation with a policy set attached.
Each endpoint has four operations: issue, cancel, renew, and validate. Each of the operations for all other endpoints inherits the trust service default policy set and binding.
When the URL in the trust service attachment does not match the URL to which the trust service request is sent, the policy set that is defined in the attachment is not applied. Instead, IBM® WebSphere® Application Server uses the policy set that is attached to the default for the trust operation.
Information | Value |
---|---|
Data type: | String |
Default: | Trust Service Default |
Policy set
Displays the attached or inherited policy set for each operation of all endpoint URLs. Any endpoint URL that is not displayed inherits the trust service default policy set for each operation. Provides a list of default and custom system policy sets that are attached to the service endpoint URL.
The policy set names are displayed in this column for each operation. If the policy set is inherited from the trust service default, rather than being explicitly attached, inherited is displayed in parentheses following the policy set name. Because only operations can have a policy set attachment, the Policy Set column for each endpoint URL row displays Not applicable.
Click the system policy set name to view or edit the policy set details information. Note that you can view, but not edit, the default policy sets. Default policy sets cannot be changed.
Information | Value |
---|---|
Data type: | String |
Defaults: | TrustServiceSecurityDefault, TrustServiceSymmetricDefault or SystemWSSecurityDefault |
Binding
Displays the binding that is assigned to each policy set attachment for each operation of the listed endpoint URLs. Any endpoint URL that is not displayed inherits the trust service default binding for each of the four operations.
The name of the assigned binding for each policy set attachment is displayed in this column for each operation. If the attachment is inherited from the trust service default, inherited is displayed in parentheses following the binding name. If you select Assign Binding > Default, the system default binding is applied to the policy set attachment, and the word Default is displayed in this column. If the system default binding is inherited, then inherited is displayed in parentheses following Default.
The system default binding is also assigned when you attach a new policy set to an operation. Because only operations can have policy set attachments, the binding column for each endpoint URL row displays Not applicable. Rows that are not directly related to a token and display the trust service default, display the text, Not applicable, for the binding. Additionally, rows that are not directly related to a token and display only the service endpoint URL display the text, Not applicable, for the binding.
Click the trust service specific binding name to view or edit the binding information. You can view, but not edit, the TrustServiceSecurityDefault, TrustServiceSymmetricDefault or SystemWSSecurityDefault bindings.
Information | Value |
---|---|
Data type: | String |
Default: | TrustServiceSecurityDefault, TrustServiceSymmetricDefault or SystemWSSecurityDefault |