Configuring secure transmission of SOAP messages using WS-Security

Configure service integration technologies for secure transmission of SOAP messages using tokens, keys, signatures and encryption in accordance with the Web Services Security (WS-Security) specification.

Before you begin

You can configure the service integration bus for secure transmission of SOAP messages using tokens, keys, signatures and encryption in accordance with the Web Services Security (WS-Security) 1.0 specification.

Alternatively, you can configure the bus in accordance with the previous WS-Security specification, WS-Security Draft 13 (also known as the Web Services Security Core Specification). However, use of WS-Security Draft 13 is deprecated in WebSphere® Application Server Version 6, and you should only use it to enable inter-operation between applications running in WebSphere Application Server Version 5 and Version 6, or to allow continued use of an existing Web services client application that has been written to the WS-Security Draft 13 specification.

You can only use WS-Security with Web service applications that comply with the Web services for Java 2 Platform, Enterprise Edition (J2EE) or Java Specification Requirements (JSR) 109 specification. For information about how to make your Web service applications JSR-109 compliant, see Developing and deploying Web services clients.

About this task

To protect a service integration bus-deployed Web service, you can apply the following types of WS-Security resource to the inbound or outbound ports that the service uses:
  • WS-Security bindings.
  • WS-Security configurations.

The configurations resource type specifies the level of security that you require (for example "The body must be signed"), and the bindings resource type provides the information that the run-time environment needs to implement the configuration (for example "To sign the body, use this key"),

When you associate a WS-Security resource with a port, you choose from a list of WS-Security resources that you have previously configured as described in the following topics:

Procedure

What to do next

Note: You can associate any binding with any configuration, so you must ensure that you choose a valid combination.
Note: You can also configure various WS-Security binding objects at the cell level, using the administrative console option Security > WS-Security. You can then use these binding objects when configuring bindings for use with your inbound and outbound ports. For example you can use a trust anchor that is defined at cell level when you are defining the signing information for a service integration binding object.

For an overview of how WS-Security is applied to service integration bus-deployed Web services, see Service integration technologies and WS-Security. For detailed information about how WS-Security is implemented in WebSphere Application Server, see Securing Web services applications at the message level (WS-Security). For more information about the WS-Security standard, see the Web Services Security (WS-Security) 1.0 specification.




In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 31, 2013 1:23:07 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-nd-dist&topic=tjw_wss
File name: tjw_wss.html