Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure web services > Define and managing secure policy set bindings
Configure web service binding for SCA transport layer authentication
Use this task to specify abstract intents in the Service Component Architecture (SCA) composite file to achieve a quality of service for a service or reference. These intents must be mapped to policy sets that can satisfy the intents during deployment.
Before you begin this task, install Service Component Architecture (SCA) application.
Intents and policy sets can be used to configure web service bindings to achieve quality of services (QoS).
Procedure
- Configure administrative and application security for the server.
In order to secure the service so that it only accepts secure requests, and for the service to require authentication, administrative and application security must be enabled for the server. See Securing JAX-WS web services using message-level security.
- Configure the service to require transport authentication by specifying the authentication.transport intent on the <binding.ws> element.
A component service can be configured to require transport authentication by specifying the "authentication.transport" intent on the <binding.ws> element.
<service name="AccountService"> <binding.ws requires="authentication.transport" ... /> </service>
- Configure the client to send a username and password by attaching the WSHTTPS default policy set to the <binding.ws> element.
The wsPolicySet attribute can be used to specify policy sets at the composite, component, service, reference, and binding.ws levels in the SCA composite file. The actual attachment happens only at the binding.ws level and policy sets specified at other levels are inherited down to the binding level. For additional information on attaching policy sets to the <binding.ws> element and the inheritance rules, refer to mapping abstract intent to policy sets.
After the policy set is attached to the client reference, it also requires assigning a client.policy binding with the username and password provided in the HTTP transport binding to send with the request. Complete this task using the topic, configuring the HTTP transport policy, to configure the HTTP transport binding to provide username and password.
To assign policy set bindings, see the topic, defining and managing policy set bindings.
Results
When you finish this task, we have configured web service binding to do SCA transport layer authentication.
What to do next
We can proceed to configuring other application specific bindings for your policy sets.
Secure JAX-WS web services using message-level security
Secure web services applications at the transport level
Attach a policy set to a service artifact
Map abstract intents and managing policy sets
Create application specific bindings for policy set attachment
Configure web services client bindings
Configure default Web Services Security bindings
Configure the HTTP transport policy
Configure the SCA web services binding
Define and managing policy set bindings