Network Deployment (Distributed operating systems), v8.0 > Administer applications and their environment > Administer web services (generally applicable) > Manage web services policy sets > Manage policies in a policy set > Modify policies > Configure the WS-Security policy
Configure the request or response token policies
We can configure the request and response token policies that are part of the WS-Security policy . Message requests token policies are applied to requests and enforced on responses to support both quality and interoperability. We can configure some settings for the policies within your policy sets. The default policy sets provided in the product cannot be edited. Create a copy of the default policy set or create a completely new policy set in order to specify the policies for it.
Use this administrative console task to define policies that specifically support security tokens and properties.
Depending on your assigned security role when security is enabled, you might not have access to text entry fields or buttons to create or edit configuration data. Review the administrative roles documentation to learn more about the valid roles for the application server.
Procedure
- Click Services > Policy sets > Application policy sets > policy_set_name > WS-Security policy.
- Click one of the following links:
- Main policy or
- Bootstrap policy
- Click the Main policy link to specify how message security policies are applied to requests and enforced on responses to support interoperability.
- Click the Bootstrap policy link to configure how secure conversations are established. A bootstrap policy might already be configured. If no bootstrap policy is currently configured, first ensure that we have enabled message security with symmetric signature and encryption policies and secure conversation tokens for both integrity and confidentiality protection. See Configuring the WS-Security policy.
- Click Request token policies under Request Policies or Response token policies under Response Policies. Use this to panel to define policies that specify which types of security tokens are supported for the properties of each token type.
Results
Once we have customized the WS-Security policy with the associated properties, including the request and response token policies, you can then send and receive protect messages.
Related
Request or Response token policies collection
Web services policies
Manage policy sets
Add policies to policy sets
Delete policies from policy sets
Enable policies for policy sets
Disable policies from policy sets
Add and remove policies using wsadmin.sh
Create policy set attachments using wsadmin
Remove policy set attachments using wsadmin
Manage policy set attachments using wsadmin
Configure the WS-Security policy
Related
WS-Security policy settings
Transform algorithms settings
Signed part reference default bindings settings
Main policy and bootstrap policy settings
Request or Response token policies collection
Asymmetric signature and encryption policies settings
Symmetric signature and encryption policies settings
Algorithms settings
Message part protection settings
Application policy sets collection
Application policy set settings
Administrative roles