Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure web services > Secure web services > Web Services Security concepts > Web Services Security concepts for v5.x applications
Response sender
The response sender defines the security requirements of the SOAP response message. The security handler acts on the security constraints that are defined for the response in the IBM extension deployment descriptors.
There is an important distinction between Version 5.x and v6.0.x and later applications. The information in this article supports v5.x applications only that are used with WAS v6.0.x and later. The information does not apply to v6.0.x and later applications.
The IBM extension deployment descriptors are located in the ibm-webservices-ext.xmi file and the bindings, located in the ibm-webservices-bnd.xmi file. The security handler signs, encrypts, or generates the time stamp for the SOAP response message before the response is send to the caller.
Integrity constraints (digital signature)
We can select which parts of the message are digitally signed.
- Body
- Time stamp
Confidentiality (encryption)
We can encrypt the body content of the message.
Time stamp
We can have a time stamp for checking the timeliness of the message. The security constraints that apply to the SOAP response message must match the security requirements defined in the response receiver. Otherwise, the response is rejected by the response receiver (caller).
Related
Response sender binding collection
Request sender
Response receiver
Request receiver
Secure web services for v5.x applications using XML encryption