For JAX-RPC applications, each application server in WebSphere® Application Server uses a copy
of the ws-security.xml file to define the default binding
information for Web Services Security.
Important: There is an important distinction
between Version 5.x and Version 6.0.x applications.
This information supports only Version 5.x applications that
are used with WebSphere Application Server Version 6.0.x and
later. It does not apply to Version 6.0.x and
later applications.
In WebSphere Application Server, each application server has a copy of the
ws-security.xml file,
which defines the default binding information for Web Services Security.
The following list contains the defaults defined in the
ws-security.xml file:
- Trust anchors: Identifies the trusted root certificates for signature verification.
- Collection certificate stores: Contains certificate revocation lists (CRLs) and non-trusted certificates for verification.
- Key locators: Locates the keys for digital signature and encryption.
- Trusted ID evaluators: Evaluates the trust of the received identity before identity assertion.
- Login mappings: Contains the Java Authentication and Authorization Service (JAAS) configurations for AuthMethod token validation.
If Web Services Security constraints are specified
in the deployment descriptors, and the required bindings are not defined
in the bindings file, the default constraints in the ws-security.xml file
are used.
When you use the addNode command, the ws-security.xml file
is added with the server configuration to the new cell. The following
figure shows the activity when you use the addNode command.
Figure 1. Configuration when using the addNode command