Creating a new WS-Security configuration

Create a new WS-Security configuration for use with service integration bus-deployed web services. You use WS-Security configurations to secure the SOAP messages that pass between service requesters (clients) and inbound services, and between outbound services and target web services.

Before you begin

Use this option to work with WS-Security configurations that comply with either the Web Services Security (WS-Security) 1.0 specification, or the previous WS-Security specification, WS-Security Draft 13 (also known as the Web Services Security Core Specification).
Note:WebSphere® Application Server 6.0 版中,已淘汰「WS-Security 初稿 13」的使用。「WS-Security 初稿 13」已淘汰,它只應該用在容許繼續使用遵循「WS-Security 初稿 13」規格來撰寫的現有 Web 服務用戶端應用程式。

This topic assumes that you have got, from the owning parties, the WS-Security configurations for the client (for an inbound service) and the target web service (for an outbound service).

您只能搭配符合 Web Services for Java™ Platform、Enterprise Edition (Java EE) Java Specification Requirements (JSR) 109 規格的 Web 服務應用程式,來使用 WS-Security。 如需相關資訊,請參閱Web Services Security and Java Platform, Enterprise Edition security relationship。如需如何使 Web 服務應用程式符合 JSR-109 標準的相關資訊,請參閱實作 JAX-RPC Web 服務用戶端Implementing static JAX-WS web services clients

About this task

WS-Security configurations specify the level of security that you require (for example "The body must be signed"). This level of security is then implemented through the run-time information contained in a WS-Security binding. You receive the security configuration information direct from the service requester or target service provider, in the form of an ibm-webservicesclient-ext.xmi file for the client, and an ibm-webservices-ext.xmi file for the target web service, which contain the information about the levels of security (integrity, confidentiality and identification) that are required. You extract the information from these .xmi files, then manually enter it into the WS-Security configuration forms.

Configurations are administered independently from any web service that uses them, so you can create a configuration then apply it to many web services. However, the security requirements for an inbound service (which acts as a target web service) are significantly different to those required for an outbound service (which acts as a client). Consequently, configurations are further divided by service type (inbound or outbound).

Unlike most other configuration objects, when you create a WS-Security configuration you can only define its basic aspects. To define the details you save the new WS-Security configuration, then reopen it for modification as described in Modifying an existing WS-Security configuration.

To create a new WS-Security configuration, complete the following steps:

Procedure

  1. Start the administrative console.
  2. In the navigation pane, click 服務整合 -> Web 服務 -> WS-Security 配置. The WS-Security service configurations collection form is displayed.
  3. Click New. The New WS-Security Service Configuration wizard is displayed.
  4. Use the wizard to assign the following general properties:
    1. Select the version of the WS-Security specification. Set this option to either Draft 13 (for a configuration that complies with the WS-Security Draft 13 specification) or 1.0 (for a configuration that complies with the Web Services Security (WS-Security) 1.0 specification.
      Note:WebSphere Application Server 6.0 版中,已淘汰「WS-Security 初稿 13」的使用。「WS-Security 初稿 13」已淘汰,它只應該用在容許繼續使用遵循「WS-Security 初稿 13」規格來撰寫的現有 Web 服務用戶端應用程式。
    2. Specify the service type. If you are creating a configuration to secure the SOAP messages that pass between a service requester (client) and an inbound service (which acts as a target web service), select Inbound Service. If you are creating a configuration to secure the SOAP messages that pass between an outbound service (which acts as a client) and a target Web service, select Outbound Service.
    3. Specify the WS-Security configuration type.
      Give a name to this configuration. This name must be unique across both WS-Security Version 1.0 and Draft 13 configurations, and it must follow the following syntax rules:
      • It must not start with "." (a period).
      • It must not start or end with a space.
      • It must not contain any of the following characters: \ / , # $ @ : ; " * ? < > | = + & % '

      (Optionally) Specify an Actor URI for this configuration. WS-Security headers within the consumed request message are only processed if they have the specified Actor URI.

  5. Click Finish. The general properties for this item are saved.

Results

If the processing completes successfully, the list of WS-Security configurations is updated to include the new configuration. Otherwise, an error message is displayed.

What to do next

You are now ready to define the configuration details as described in Modifying an existing WS-Security configuration.

指出主題類型的圖示 作業主題



時間戳記圖示 前次更新: July 9, 2016 11:16
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=tjw_wss_conf_new
檔名:tjw_wss_conf_new.html