Use the web services client editor within an assembly tool
to include the binding information, that describes how to run the
security specifications found in the extensions, in the client enterprise
archive (EAR) file.
About this task
Important: There is an important distinction
between Version 5.x and Version 6 and later applications. The
information supports Version 5.x applications only that are
used with WebSphere® Application Server Version
6.0.x and later. The information does not apply to Version
6.0.x and later applications.
When configuring a client
for Web Services Security, the bindings describe how to run the security
specifications found in the extensions. Use the web services client
editor within an assembly tool to include the binding information
in the client enterprise archive (EAR) file.
You can configure
the client-side bindings from a pure client accessing a web service
or from a web service accessing a downstream web service. Complete
the following steps to find the location in which to edit the client
bindings from a web service that is running on the server. When a
web service communicates with another web service, you must configure
client bindings to access the downstream web service.
Procedure
- Deploy the web service using the WebSphere Application Server administrative
console. Click .
![[AIX Solaris HP-UX Linux Windows]](../images/dist.gif)
You can access the administrative console by typing http://localhost:port_number/ibm/console in
your web browser unless you have changed the port number.
You can access the administrative console by typing http://server_name:port_number/ibm/console in
your web browser unless you have changed the port number.
For
more information, read about installing a new application.
- Click .
- Under Manage modules, click URI_name.
- Under Web Services Security Properties, click Web
Services: Client security bindings. A table
displays with the following columns:
- Component Name
- Port
- Web Service
- Request Sender Binding
- Request Receiver Binding
- HTTP Basic Authentication
- HTTP SSL Configuration
For Web Services Security, you must edit the request
sender binding and response receiver binding configurations. You can
use the defaults for some of the information at the server level and
at the cell level in WebSphere Application Server, Network Deployment environments.
Default bindings are convenient because you can configure commonly
reused elements such as key locators once and then reference their
aliases in the application bindings.
- View the default bindings for the server using the administrative
console by clicking . Under Additional Properties, click JAX-WS
and JAX-RPC security runtime.
混合版本環境: In a mixed node cell with a server using
WebSphere Application Server version 6.1 or
earlier, click
Web services: Default bindings for Web Services
Security.
mixv
You can configure the following sections.
These topics are discussed in more detail in other sections of the
documentation.
- Request sender binding
- Response receiver binding
What to do next
Important: When configuring the security request
sender binding configuration, you must synchronize the information
used to perform the specified security with the security request receiver
binding configuration, which is configured in the server EAR file.
These two configurations must be synchronized in all respects because
there is no negotiation during run time to determine the requirements
of the server. For example, when configuring the encryption information
in the security request sender binding configuration, you must use
the public key from the server for encryption. Therefore, the key
locator that you choose must contain the public key from the server
configuration. The server must contain the private key to decrypt
the message. This example illustrates the important relationship between
the client and server configuration. Additionally, when configuring
the security response receiver binding configuration, the server must
send the response using security information known by this client
security response receiver binding configuration.
The following
table shows the related configurations between the client and the
server. The client request sender and the server request receiver
are relative configurations that must be synchronized with each other.
The server response sender and the client response receiver are related
configurations that must be synchronized with each other. Note that
related configurations are end points for any request or response.
One end point must communicate its actions with the other end point
because run time requirements are not required.
Table 1. Related configurations. The configurations
must be synchronized with each other.Client configuration |
Server configuration |
Request sender |
Request receiver |
Response receiver |
Response sender |