Operating Systems: i5/OS
Personalize the table of contents and search results
Securing Web services for V5.x applications using XML encryption
XML encryption is one method that WebSphere Application Server
provides to secure your Web services. It enables you to encrypt an XML element,
the content of an XML element, or arbitrary data such as an XML document.
There is an important distinction between Version
5.x and V6 and later applications. The information in this article
supports V5.x applications only that are used with WebSphere Application
Server V6.0.x and later. The information does not apply to Version
6.0.x and later applications.
WebSphere Application Server provides
several different methods to secure your Web services. XML encryption is one
of these methods. You can secure your Web services using any of the following
methods:
- XML digital signature
- XML encryption
- Basicauth authentication
- Identity assertion authentication
- Signature authentication
- Pluggable token
Overview
XML encryption enables you to encrypt an XML element, the content
of an XML element, or arbitrary data such as an XML document. Like XML digital
signature, a message is sent by the client as the request sender to the server
as the request receiver. The response is sent by the server as the response
sender to the client as the request receiver. Unlike XML digital signature,
which verifies the authenticity of the sender, XML encryption scrambles the
message content using a key, which can be unscrambled by a receiver that possesses
the same key. You can use XML encryption in conjunction with XML digital signature
to scramble the content while verifying the authenticity of the message sender.
To
use XML encryption to secure Web services, use an assembly tool.
For more information, see Assembly tools
To securing Web services for V5.x applications
using XML encryption, complete the following steps:
Procedure
- Specify the encryption settings for the request sender. The
message parts and the encryption method settings chosen for the request sender
on the client must match the message parts and the method settings chosen
for the request receiver on the server. To specify the encryption settings
for the request sender:
- Configuring the client for request encryption: Encrypting the message
parts.
- Configuring the client for request encryption: choosing the encryption
method.
- Specify the encryption settings for the request receiver.
The decryption settings chosen for the request receiver must match the
encryption settings chosen for the request sender.
To specify the decryption
settings for the request receiver:
- Configuring the server for request decryption: decrypting the message
parts.
- Configuring the server for request decryption: choosing the decryption
method.
- Specify the encryption settings for the response sender.
The message parts and the encryption method settings chosen for the
response sender on the server must match the message parts and the method
settings chosen for the response receiver on the client. To specify the encryption
settings for the response sender:
- Configuring the server for response encryption: encrypting the message
parts.
- Configuring the server for response encryption: choosing the encryption
method.
- Specify the encryption settings for the response receiver.
Remember: The decryption settings chosen for the response
receiver must match the encryption settings chosen for the response sender.
To
specify the decryption settings for the response receiver, complete the following
steps:
- Configuring the client for response decryption: decrypting the message
parts.
- Configuring the client for response decryption: choosing a decryption
method.
Results
After completing these steps, you have secured your Web services using
XML encryption.
}
Login bindings configuration settings
Request sender
Configuring the client for request encryption: Encrypting the message
parts
Configuring the client for request encryption: choosing the encryption
method
Request receiver
Configuring the server for request decryption: decrypting the message
parts
Configuring the server for request decryption: choosing the decryption
method
Response sender
Configuring the server for response encryption: encrypting the message
parts
Configuring the server for response encryption: choosing the encryption
method
Response receiver
Configuring the client for response decryption: decrypting the message
parts
Configuring the client for response decryption: choosing a decryption
method
Related concepts
XML encryption
XML digital signature
Related tasks
Securing Web services for V5.x applications based on WS-Security
|