Request sender binding collection

Use this page to specify the binding configuration to send request messages for Web services security.

To view this administrative console page, complete the following steps:

  1. Click Applications > Enterprise Applications > appname.

  2. Under Related Items, click Web Modules > URI_file_name > Web Services: Client Security Bindings.

  3. Under Request Sender Binding, click Edit.

Signing Information Specifies the configuration for the signing parameters. Signing information is used to sign and validate parts of the message including the body and time stamp.

You can also use these parameters for X.509 validation when the Authentication Method is IDAssertion and the ID Type is X509Certificate in the server-level configuration. In such cases, fill in the Certificate Path fields only.

Encryption Information Specifies the configuration for the encrypting and decrypting parameters. Encryption information is used for encrypting and decrypting various parts of a message including the body and user name token.

Key Locators Specifies a list of key locator objects that retrieve the keys for digital signature and encryption from a key store file or a repository. The key locator maps a name or a logical name to an alias or maps an authenticated identity to a key. This logical name is used to locate a key in a key locator implementation.

Login Mappings Specifies a list of configurations for validating tokens within incoming messages.

Login mappings map the authentication method to the Java Authentication and Authorization Service (JAAS) configuration.

To configure JAAS, use the administrative console and click Security > JAAS Configuration.

 

See Also

Request sender
Securing Web services using XML encryption
Configuring the client for request encryption: Encrypting the message parts
Configuring the client for request encryption: Choosing the encryption method
Configuring the client for request signing: Digitally signing message parts
Configuring the client for request signing: Choosing the digital signature method
Encryption information collection