If you use Web Services Atomic Transaction (WS-AT) or Web
Services
Business Activity (WS-BA) support when administrative security is
enabled,
you might have to change the default transaction service configuration.
You
can disable the transaction coordination authorization setting, create
a new
web container transport chain, or do both.
About this task
You
might disable transaction coordination authorization if you want to
interoperate
with other servers and you do not want to set up security for the
transaction
manager to support the Common Criteria EAL4 evaluated configuration.
When
transaction coordination authorization is disabled, WebSphere® Application Server does
not automatically reject secure WS-Transactions protocol messages.
You
might configure a new web container transport chain for use by WS-Transactions
in the following situations:
- You want to use an alternative
port number for WS-AT or WS-BA protocol
messages.
- You want to interoperate with a non-WebSphere Application Server
that requires client certificate authentication on the Secure Sockets
Layer
(SSL) connection that is used for protocol messages.
The
transaction service, by default, selects a suitable web container
transport chain from the list of those configured and uses it for
protocol
messages. You can configure a new transport chain and specify your
own settings.
For example, you can specify an alternative SSL configuration that
requires
client certificate authentication, which is then used specifically
for WS-Transactions
protocol messages.