Configuring Web Services Security using JAX-RPC at the platform level

In the platform configuration, general properties and additional properties can be specified, and the default binding is included. You can configure security for web services at a platform level with a variety of tasks including configuring key locators, trust anchors, and the collection certificate at the generator, consumer binding, and sever levels.

Before you begin

最佳作法 最佳作法: IBM® WebSphere® Application Server 支援 Java™ API for XML 型 Web 服務 (JAX-WS) 程式設計模型和 Java API for XML 型 RPC (JAX-RPC) 程式設計模型。JAX-WS 是延伸 JAX-RPC 程式設計模型所提供之基礎的下一代 Web 服務程式設計模型。 當使用策略性 JAX-WS 程式設計模型時,透過支援標準型註釋模型,簡化了 Web 服務和用戶端的開發工作。 雖然仍支援 JAX-RPC 程式設計模型和應用程式,但請利用易於實作的 JAX-WS 程式設計模型來開發新的 Web 服務應用程式和用戶端。best-practices

Besides the application-level constraints, there is a cell-level and server-level Web Services Security (WSS) configuration called a platform-level configuration:

  • These configurations are global for all applications and include some configurations only for WebSphere Application Server Version 5.x applications and some only for version 6.0.x applications.
  • You can use the default binding as an application-level binding configuration so that applications do not have to define the binding in the application. There is only one set of default bindings that can be shared by multiple applications. This set is only available for WebSphere Application Server Version 6.x applications.

Therefore, binding configuration files can be specified at these levels: application, server, and cell. Each binding configuration overrides the next higher one. For any deployed application, the nearest configuration binding is applied. The visibility scope of the binding depends on where the file is located. If the binding is defined in an application, its visibility is scoped to that particular application. If it is located at the server level, the visibility scope is all applications that are deployed on that server. For WebSphere Application Server, Network Deployment, if it is located at the cell level, the visibility scope is all applications deployed on all servers of the cell.

About this task

To ensure Web Services Security at the platform level, you can configure:
  • A nonce on the server or cell level
  • The key locator for the generator or consumer binding on the application level, server level, or cell level
  • Trust anchors for the generator or consumer binding on the application level, server level, or cell level
  • The collection certificate store for the generator or consumer binding on the application level, server level or cell level
  • Trusted ID evaluators on the server or cell level
  • Hardware cryptographic devices for Web Services Security
  • The rrdSecurity.props property file

Procedure

Results

By completing these steps, you have configured Web Services Security at the platform level.

指出主題類型的圖示 作業主題



時間戳記圖示 前次更新: July 9, 2016 11:17
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=twbs_conpllwss
檔名:twbs_conpllwss.html