Creating a new WS-Security binding

Create a new WS-Security binding for use with service integration bus-enabled web services. You use WS-Security bindings to secure the SOAP messages that pass between service requesters (clients) and inbound services, and between outbound services and target web services.

Before you begin

Use this option to create WS-Security bindings that comply with either the Web Services Security (WS-Security) 1.0 specification, or the previous WS-Security specification, WS-Security Draft 13 (also known as the Web Services Security Core Specification).
Note:WebSphere® Application Server 6.0 版中,已淘汰「WS-Security 初稿 13」的使用。「WS-Security 初稿 13」已淘汰,它只應該用在容許繼續使用遵循「WS-Security 初稿 13」規格來撰寫的現有 Web 服務用戶端應用程式。

This topic assumes that you have got, from the owning parties, the WS-Security bindings for the client (for an inbound service) and the target web service (for an outbound service).

您只能搭配符合 Web Services for Java™ Platform、Enterprise Edition (Java EE) Java Specification Requirements (JSR) 109 規格的 Web 服務應用程式,來使用 WS-Security。 如需相關資訊,請參閱Web Services Security and Java Platform, Enterprise Edition security relationship。如需如何使 Web 服務應用程式符合 JSR-109 標準的相關資訊,請參閱實作 JAX-RPC Web 服務用戶端Implementing static JAX-WS web services clients

About this task

WS-Security bindings provide the information that the run-time environment needs to implement the WS-Security configuration (for example "To sign the body, use this key"), You receive this security binding information direct from the service requester or target service provider, in the form of an ibm-webservicesclient-bnd.xmi file for the client, and an ibm-webservices-bnd.xmi file for the target web service. You extract the information from these .xmi files, then manually enter it into the WS-Security bindings forms.

Bindings are administered independently from any web service that uses them, so you can create a binding then apply it to many web services.

WebSphere Application Server also includes a set of default WS-Security binding objects, as described in Default bindings and runtime properties for Web Services Security. If you are administering a WebSphere Application Server Network Deployment installation, then the default WS-Security bindings are configured for the cell, and are available for use with bus-enabled web services. However, if you are using the single server product, WebSphere Application Server, then these default bindings are configured within the application server, and are not available for use with bus-enabled web services.

Unlike most other configuration objects, when you create a WS-Security binding you can only define its basic aspects. To define the binding details you save the new binding, then reopen it for modification as described in Modifying an existing WS-Security binding.

To create a new WS-Security binding, complete the following steps:

Procedure

  1. Start the administrative console.
  2. In the navigation pane, click 服務整合 -> Web 服務 -> WS-Security 連結. The WS-Security bindings collection form is displayed.
  3. Click New. The New WS-Security binding wizard is displayed.
  4. Use the wizard to assign the following general properties:
    1. Select the version of the WS-Security specification. Set this option to either Draft 13 (for a binding that complies with the WS-Security Draft 13 specification) or 1.0 (for a binding that complies with the Web Services Security (WS-Security) 1.0 specification.
      Note:WebSphere Application Server 6.0 版中,已淘汰「WS-Security 初稿 13」的使用。「WS-Security 初稿 13」已淘汰,它只應該用在容許繼續使用遵循「WS-Security 初稿 13」規格來撰寫的現有 Web 服務用戶端應用程式。
    2. Specify the binding type.

      Set this option to one of the following binding types:

      For WS-Security Version 1.0:
      • 要求消費端 - 適合在消費用戶端對於入埠服務的要求時使用。
      • 要求產生端 - 適合在從出埠服務產生要求至目標 Web 服務時使用。
      • 回應消費端 - 適合在消費從目標 Web 服務至出埠服務的回應時使用。
      • 回應產生端 - 適合在從入埠服務產生對於用戶端的回應時使用。
      For WS-Security Draft 13:
      • 要求接收端 - 適合在接收用戶端對於入埠服務的要求時使用。
      • 要求傳送端 - 適合在從出埠服務傳送要求至目標 Web 服務時使用。
      • 回應接收端 - 適合在從目標 Web 服務接收對於出埠服務的回應時使用。
      • 回應傳送端- 適合在傳送入埠服務對於用戶端的回應時使用。
    3. Specify the WS-Security binding.
      Give a name to this binding. This name must be unique and it must follow the following syntax rules:
      • It must not start with "." (a period).
      • It must not start or end with a space.
      • It must not contain any of the following characters: \ / , # $ @ : ; " * ? < > | = + & % '

      (WS-Security 1.0 bindings only. Optional.) Select the Use defaults check box to create a convenient default binding for use in a development and test environment. If you select this option, the binding uses the WebSphere Application Server default set of binding information rather than any custom information that you might subsequently add. Note however that this default binding is by definition insecure, and is not for production use. You can also select or clear this check box when you modify an existing WS-Security binding.

      Note: If you are creating a WS-Security 1.0 request generator binding, the web address for the WS-Security 1.0 namespace is displayed in a drop-down list. This is the namespace used by WS-Security 1.0 to send a request, and you should not have to change this value. The other values included in the drop-down list refer to namespaces used by earlier versions of the WS-Security draft specification, and are included for backwards compatibility.
  5. Click Finish. The general properties for this item are saved.

Results

If the processing completes successfully, the list of WS-Security bindings is updated to include the new binding. Otherwise, an error message is displayed.

What to do next

You are now ready to define the binding details as described in Modifying an existing WS-Security binding.

指出主題類型的圖示 作業主題



時間戳記圖示 前次更新: July 9, 2016 11:16
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=tjw_wss_bind_new
檔名:tjw_wss_bind_new.html