Why and when to perform this task
Create an Enterprise JavaBean (EJB) file Java archive (JAR) file or a Web archive (WAR) file containing the security binding file (ibm-webservices-bnd.xmi) and the security extension file (ibm-webservices-ext.xmi). If this archive is acting as a client to a downstream service, you also need the client-side binding file (ibm-webservicesclient-bnd.xmi) and the client-side extension file (ibm-webservicesclient-ext.xmi). These files are generated using the WSDL2Java command. You can edit these files using the Web services editor in the Assembly tools.
When configuring server-side security for Web services security, the security extensions configuration specifies what security is performed, the security bindings configuration indicates how to perform what is specified in the security extensions configuration. You can use the defaults for some elements at the cell and server levels in the bindings configuration, including key locators, trust anchors, the collection certificate store, trusted ID evaluators, and login mappings and reference these elements from the WAR and JAR binding configurations.
Prior to importing the Web services enterprise archive (EAR) file into the assembly tool, make sure that you have already run the wsdl2java command on your Web service to enable your J2EE application. You must import the Web services enterprise archive (EAR) file into the assembly tool.
Open the Web services editor in an assembly tool to begin editing the server security extensions and bindings. The following steps can locate the server security extensions and bindings. Other tasks specify how to configure each section of the extensions and bindings in more detail.
Steps for this task
What to do next
Configure the client for outbound requests and inbound responses security configuration by right-clicking the webservicesclient.xml file and clicking Open With > Deployment descriptor editor. For more information, see Configuring the client security bindings using an assembly tool.
Related tasks
Configuring the client security bindings using an assembly tool
Configuring the security bindings on a server acting as a client using
the administrative console
Configuring the server security bindings using the administrative console