[Version 5 only]WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Default configuration for WebSphere Application Server Network Deployment

Important distinction between Version 5.x and Version 6.0.x applications
Note: The information in this article supports version 5.x applications only that are used with WebSphere Application Server Version 6.0.x. The information does not apply to version 6.0.x applications.
In the WebSphere Application Server Network Deployment installation, the ws-security.xml file is at the cell level and defines the default binding information for Web services security for the entire cell. But each application server can have its own ws-security.xml file to override the cell default; similarly, each Web service can override the default in its binding files. The following list contains the defaults defined in ws-security.xml file:
Trust anchors
Identifies the trusted root certificates for signature verification.
Collection certificate stores
Contains certificate revocation lists (CRLs) and nontrusted certificates for verification.
Key locators
Locates the keys for digital signature and encryption.
Trusted ID evaluators
Evaluates the trust of the received identity before identity assertion.
Login mappings
Contains the Java Authentication and Authorization Service (JAAS) configurations for AuthMethod token validation.

The Web services security run time reads the configuration from the application bindings first, then tries the server-level, and finally tries the cell level. The following figure depicts the run-time configuration process.

Figure 1. Run-time configuration



Related concepts
Default binding
Trust anchors
Collection certificate store
Key locator
Trusted ID evaluator
Login mappings

Reference topic    

Terms of Use | Feedback

Last updated: Mar 17, 2005 4:28:29 AM CST
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/rwbs_wssecn.html

© Copyright IBM Corporation 2003, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)