WebSphere WebSphere Application Server Network Deployment, Version 6.0.x Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Creating a new WS-Security configuration

Use this task to create a new WS-Security configuration for use with service integration bus-deployed Web services.

This topic assumes that you have got, from the owning parties, the WS-Security configurations for the client (in the case of an inbound service) and the target Web service (in the case of an outbound service).

You use WS-Security configurations to secure the SOAP messages that pass between service requesters (clients) and inbound services, and between outbound services and target Web services. Configurations specify the level of security that you require (for example "The body must be signed"). This level of security is then implemented through the run-time information contained in a WS-Security binding.

Unlike most other configuration objects, when you create a WS-Security configuration you can only define its basic aspects. To define the details you save the new WS-Security configuration, then reopen it for modification as described in Modifying an existing WS-Security configuration.

To create a new WS-Security configuration, complete the following steps:

  1. Start the administrative console.
  2. In the navigation pane, click Service integration > Web services > WS-Security configurations. The WS-Security service configurations collection form is displayed.
  3. Click New. The New WS-Security Service Configuration wizard is displayed.
  4. Use the wizard to assign the following general properties:
    1. [Version 6.0.2] Select the version of the WS-Security specification. Set this option to either Draft 13 (for a configuration that complies with the WS-Security Draft 13 specification) or 1.0 (for a configuration that complies with the Web Services Security (WS-Security) 1.0 specification.
      Deprecation note: The WS-Security Draft 13 specification is deprecated in WebSphere Application Server Version 6, and you should only use it to enable inter-operation between applications running in WebSphere Application Server Version 5 and Version 6, or to allow continued use of an existing Web services client application that has been written to the WS-Security Draft 13 specification.
    2. Specify the service type. If you are creating a configuration to secure the SOAP messages that pass between a service requester (client) and an inbound service (which acts as a target Web service), select Inbound Service. If you are creating a configuration to secure the SOAP messages that pass between an outbound service (which acts as a client) and a target Web service, select Outbound Service.
    3. Specify the WS-Security configuration type.
      Give a name to this configuration. This name must be unique across both WS-Security Version 1.0 and Draft 13 configurations, and it must follow the following syntax rules:
      • It must not start with "." (a period).
      • It must not start or end with a space.
      • It must not contain any of the following characters: \ / , # $ @ : ; " * ? < > | = + & % '

      (Optionally) Specify an Actor URI for this configuration. WS-Security headers within the consumed request message are only processed if they have the specified Actor URI.

  5. Click Finish. The general properties for this item are saved.
If the processing completes successfully, the list of WS-Security configurations is updated to include the new configuration. Otherwise, an error message is displayed.
You are now ready to define the configuration details as described in Modifying an existing WS-Security configuration.
Related concepts
Service integration technologies and WS-Security

Task topic

Terms of Use | Feedback

Last updated: 5 Oct 2005
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.pmc.nd.doc\tasks\tjw_wss_conf_new.html

© Copyright IBM Corporation 2004, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)