Defining and managing secure policy set bindings
次主題
Configuring the SSL transport policy
When working with policy sets in the administrative console, you can customize policies to ensure message security by configuring the SSL transport policy.Transformation of policy and binding assertions for WSDL
Web Services Security does not fully support the OASIS WS-SecurityPolicy Version 1.2 standard. However, several of the policy and binding assertions supported by WebSphere® Application Server can be transformed and represented as WS-SecurityPolicy Version 1.2 assertions. The supported assertions are transformed when a Web Services Description Language (WSDL) or Web Services Metadata Exchange (WS-MEX) request is received in a message, and also when the client receives a policy containing WS-SecurityPolicy 1.2 assertions.Securing message parts using the administrative console
If you are working with policy sets, then you can secure message parts using the administrative console. To secure message parts with WS-Security using policy sets, you must define the elements for the message parts to be protected in the WS-Security policy within a policy set.Signing and encrypting message parts using policy sets
With web services, you can sign message parts, encrypt message parts, or both, based on the quality of service defined for a policy set. You can accomplish these actions by defining the binding information in a custom attachment binding.配置一般和預設連結的呼叫端
呼叫端指定用於鑑別的記號或訊息組件。Changing the order of the callers for a token or message part
Specifying a caller in default and general bindings indicates which token or tokens to use to create authentication credentials. When there are multiple tokens on an incoming message, the order of the callers determines which token is used for the credentials. You can rearrange the order of the callers using the administrative console.WS-Security 的原則集連結設定
請利用這個頁面來檢視、定義或配置 WS-Security 原則的一般連結和應用程式特定內容。 您可以編輯一般連結來配置主要原則或安全交談引導原則。Inbound and outbound custom properties
Use this page to set additional properties for inbound and outbound messages. You can specify custom properties that apply to both inbound and outbound messages or custom properties that apply to inbound messages only or outbound messages only.Keys and certificates
Use this page to link to key and certificate binding configuration panels. This panel defines key and certificate bindings for JAX-WS web services only. These keys and certificates can be centrally managed by the product or in an external keystore.Key information settings
Use this page to configure the key information for the selected policy set binding. Key information attributes define how cryptographic keys are generated or consumed.Certificate store settings
Use this page to specify the location where certificates are stored. You can reference certificate revocation for service generators or consumers.Trust anchor settings
Use this page to specify the trust anchor configuration. These trust anchor certificates are used to validate the X.509 certificate that is embedded in the SOAP message.WS-Security authentication and protection
Use the links on this page to configure authentication, protection, signature, and encryption information that the policy requires.一般連結的 WS-Security 鑑別和保護
當使用一般連結時,請利用這個頁面中的鏈結來配置原則所需的鑑別、保護、簽章和加密資訊。WS-Security authentication and protection for application specific bindings
Use the links on this page to configure authentication, signature, and encryption information that the policy requires when using application specific bindings.Protection token settings (generator or consumer)
Use this page to configure protection tokens. Protection tokens sign messages to protect integrity or encrypt messages to provide confidentiality.Authentication generator or consumer token settings
Authentication tokens are used to prove or assert an identity. Use the administrative console to add authentication token settings for message parts when you are editing a general binding.Callback handler settings for JAX-WS
Use this page to configure callback handler settings for JAX-WS, which determine how security tokens are acquired from messages headers.Custom keystore settings
Use this page to configure custom keystore files. Custom keystore files are alternatives to the key management support built into the WebSphere Application Server. The callback handler uses the custom version of the keystore configuration that includes keys.Caller settings
Use this page to configure the caller settings. The caller specifies the token or message part that is used for authentication.呼叫端集合
呼叫端指定鑑別所要使用的記號或訊息組件。請利用這個管理主控台頁面來存取、檢視和配置訊息組件的呼叫端設定。Message expiration settings
Use this page to define settings for message expiration, if and when messages expire. When you specify message expiration, the message expires after the specified interval of time passes.Actor roles settings
Use this page to define settings for SOAP actor roles. The SOAP actor, also known as the SOAP role, defines the intermediary or ultimate recipient of a message.


http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=container_twbs_wsspssecure
檔名:container_twbs_wsspssecure.html