Web services security

Sign and encrypt any element in a SOAP message

This article describes how to use IBM WebSphere Application Server Version 6 and IBM Rational Application Developer to sign and encrypt any element in a SOAP message using an XPATH expression and the Web Services Security 1.0 standard.

Hyen-Vui (Henry) Chung, Senior Software Engineer, IBM

Henry Chung is an architect and lead developer of Web services security on the WebSphere platform. Henry has been in middleware development for over 5 years and has developed many security features for the WebSphere platform. Henry&s current focus is leading the development of the latest WebSphere Web services security specifications. He also helps customers and other IBM teams apply Web services security solutions. His primary goal is to enable WebSphere Web services security support to meet real-world needs. You can contact Henry at hychung@us.ibm.com.



Michael McIntosh (mikemci@us.ibm.com), Senior Software Engineer, IBM

Michael McIntosh is a Senior Software Engineer working on Web services security in the Security and Privacy Department at the Thomas J. Watson Research Center in Hawthorne, New York. Michael represents IBM in the WS-I Basic Security Profile Working Group as Lead Editor, and in the OASIS Web Services Security and Web Services Secure Exchange Technical Committees. You can contact Michael at mikemci@us.ibm.com.



Paula Austel (pka@us.ibm.com), Senior Software Engineer, IBM

Paula Austel is a Senior Software Engineer in the Java and Web Service Security Group at the IBM Thomas J. Watson Research Center. She has participated in the following standards groups: OASIS Web Services Security Technical Committee, OASIS Security Services Technical Committee, and WS-I Basic Security Profile Working Group. You can reach Paula at pka@us.ibm.com.



Masayoshi Teraguchi (teraguti@jp.ibm.com), Researcher, IBM

Masayoshi Teraguchi received his M.E. in Information and Computer Sciences from Osaka University, Japan, in 2000. He joined the IBM Tokyo Research Laboratory in 2000. His research interests include Multimedia annotation, XML, Web services, and Web services security. You can reach Masayoshi at teraguti@jp.ibm.com.



17 May 2006

This article describes how to use IBM® WebSphere® Application Server Version 6 and IBM Rational® Application Developer to sign and encrypt any element in a SOAP message using an XPATH expression and the Web Services Security 1.0 standard.

Summary

Learn how to use IBM WebSphere Application Server Version 6.0 and IBM Rational Application Developer to sign and encrypt any element in a SOAP message using the Web Services Security 1.0 standard (WS-Security). WS-Security is designed to be flexible and extensible. However, that flexibility and extensibility is a double-edged sword: it enables security for many message-level scenarios, but adds significant complexity to the development process. WebSphere Application Server provides a simple keyword-based mechanism to specify which SOAP message elements are to be signed and encrypted. Keywords are defined to support the majority of common usage scenarios for standard message elements. However, SOAP messages frequently contain non-standard application-defined elements that must also be protected. This article describes how you can use an XPATH expression with WebSphere Application Server to sign and encrypt any element in a SOAP message. The article is intended for Web services application developers who need to secure their SOAP messages using message-level security.

Downloads

DescriptionNameSize
Article in PDF format0605_chung.pdf  ( HTTP | FTP )2.3MB
Readme file for samplesreadme.txt  ( HTTP | FTP )1KB
Sample files, EAR file, genkey command filesamples.zip  ( HTTP | FTP )78KB

Resources

Learn

Get products and technologies

  • Build your next development project with IBM trial software, available for download directly from developerWorks.

Discuss

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=WebSphere
ArticleID=112144
SummaryTitle=Web services security
publish-date=05172006