Modify an existing WS-Security configuration

Network Deployment (Distributed operating systems), v8.0 > Administer applications and their environment > Administer web services - Bus enabled web services > Enable web services through the service integration bus > Create a new WS-Security configuration

Modify an existing WS-Security configuration

We can add or modify the configuration details for a WS-Security configuration that is configured for use with service integration bus-enabled web services. You use WS-Security configurations to secure the SOAP messages that pass between service requesters (clients) and inbound services, and between outbound services and target web services.
WS-Security configurations specify the level of security that you require (for example "The body must be signed"). This level of security is then implemented through the run-time information contained in a WS-Security binding. You receive the security configuration information direct from the service requester or target service provider, in the form of an ibm-webservicesclient-ext.xmi file for the client, and an ibm-webservices-ext.xmi file for the target web service, which contain the information about the levels of security (integrity, confidentiality and identification) that are required. You extract the information from these .xmi files, then manually enter it into the WS-Security configuration forms.
Configurations are administered independently from any web service that uses them, so you can create a configuration then apply it to many web services. However, the security requirements for an inbound service (which acts as a target web service) are significantly different to those required for an outbound service (which acts as a client). Consequently, configurations are further divided by service type (inbound or outbound).
To list the WS-Security configurations, and to view and modify their configuration details...

Procedure

Start the admin console.
In the navigation pane, click Service integration -> Web services -> WS-Security configurations . A list of WS-Security configurations is displayed in a WS-Security service configurations collection form.
Each available configuration is flagged as either Inbound or Outbound. You use an inbound configuration to secure the SOAP messages that pass between a service requester (client) and an inbound service (which acts as a target web service). You use an outbound configuration to secure the SOAP messages that pass between an outbound service (which acts as a client) and a target web service.
Each available configuration is also flagged as complying with either the Web Services Security (WS-Security) 1.0 specification or the WS-Security Draft 13 specification.
Use of WS-Security Draft 13 was deprecated in WAS v6.0. Use of WS-Security Draft 13 is deprecated, and you should only use it to allow continued use of an existing web services client application that has been written to the WS-Security Draft 13 specification.
Click the name of a WS-Security configuration in the list. The current settings for this WS-Security configuration are displayed.
Modify the configuration details for this WS-Security configuration. For detailed reference information about each value that you can set, click on the associated link in the following table:

Value references for WS-Security configurations. The left hand column of this table lists the value references for the WS-Security 1.0 inbound configuration, and the right hand column lists the value references for the WS-Security 1.0 outbound configuration.

WS-Security 1.0 inbound configuration WS-Security 1.0 outbound configuration
Request consumer

Required integrity

Message parts

Nonce

Time stamp

Required confidentiality

Message parts

Nonce

Time stamp

Required security token

Caller

Trust method

Properties

Properties

Add time stamp

Properties

Properties

Response generator

Actor

Integrity

Message parts

Nonce

Time stamp

Confidentiality

Message parts

Nonce

Time stamp

Security Token

Add time stamp

Properties

Properties

Request generator

Actor

Integrity

Message parts

Nonce

Time stamp

Confidentiality

Message parts

Nonce

Time stamp

Security Token

Add time stamp

Properties

Properties

Response consumer

Required integrity

Message parts

Nonce

Time stamp

Required confidentiality

Message parts

Nonce

Time stamp

Required security token

Caller

Trust method

Properties

Properties

Add time stamp

Properties

Properties

Value references for WS-Security Draft 13 configurations. The left hand column of this table lists the value references for the WS-Security Draft 13 inbound configuration, and the right hand column lists the value references for the WS-Security Draft 13 outbound configuration.

WS-Security Draft 13 inbound configuration WS-Security Draft 13 outbound configuration
Request receiver

Required integrity

Required confidentiality

Login configuration

Custom authentication methods

ID assertion

Add received time stamp

Properties

Response sender

Actor

Integrity

Confidentiality

Add created time stamp

Properties

Request sender

Actor

Integrity

Confidentiality

Login configuration

ID assertion

Add created time stamp

Properties

Response receiver

Required integrity

Required confidentiality

Add received time stamp

Properties

Save your changes to the master configuration.

Results
If the processing completes successfully, the list of WS-Security configurations is redisplayed. Otherwise, an error message is displayed.
Service integration technologies and WS-Security

+
Search Tips | Advanced Search