Creating a new WS-Security configuration
Create a new WS-Security configuration for use with service integration bus-deployed web services. You use WS-Security configurations to secure the SOAP messages that pass between service requesters (clients) and inbound services, and between outbound services and target web services.
Before you begin
This topic assumes that you have got, from the owning parties, the WS-Security configurations for the client (for an inbound service) and the target web service (for an outbound service).
您只能搭配符合 Web Services for Java™ Platform、Enterprise Edition (Java EE) 或 Java Specification Requirements (JSR) 109 規格的 Web 服務應用程式,來使用 WS-Security。 如需相關資訊,請參閱Web Services Security and Java Platform, Enterprise Edition security relationship。如需如何使 Web 服務應用程式符合 JSR-109 標準的相關資訊,請參閱實作 JAX-RPC Web 服務用戶端或Implementing static JAX-WS web services clients。
About this task
WS-Security configurations specify the level of security that you require (for example "The body must be signed"). This level of security is then implemented through the run-time information contained in a WS-Security binding. You receive the security configuration information direct from the service requester or target service provider, in the form of an ibm-webservicesclient-ext.xmi file for the client, and an ibm-webservices-ext.xmi file for the target web service, which contain the information about the levels of security (integrity, confidentiality and identification) that are required. You extract the information from these .xmi files, then manually enter it into the WS-Security configuration forms.
Configurations are administered independently from any web service that uses them, so you can create a configuration then apply it to many web services. However, the security requirements for an inbound service (which acts as a target web service) are significantly different to those required for an outbound service (which acts as a client). Consequently, configurations are further divided by service type (inbound or outbound).
Unlike most other configuration objects, when you create a WS-Security configuration you can only define its basic aspects. To define the details you save the new WS-Security configuration, then reopen it for modification as described in Modifying an existing WS-Security configuration.
To create a new WS-Security configuration, complete the following steps: