Configuring the server for request decryption: decrypting the message parts

Use the WS Extensions tab and the WS Binding configurations tab to specify which parts of the request message must be decrypted by the server.

Before you begin

Important: There is an important distinction between Version 5.x and Version 6 and later applications. The information supports Version 5.x applications only that are used with WebSphere® Application Server Version 6.0.x and later. The information does not apply to Version 6.0.x and later applications.

Complete this task to specify which parts of the request message must be decrypted by the server. You must know which parts of the request message the client encrypts because the server must decrypt the same message parts.

Prior to completing these steps, read either of the following topics to become familiar with the WS Extensions tab and the WS Binding configurations tab:

These two tabs are used to configure the Web Services Security extensions and Web Services Security bindings, respectively.

About this task

Complete the following steps to configure the request receiver extensions:

Procedure

  1. Launch an assembly tool.
    For more information, see the related information on Assembly Tools.
  2. Switch to the Java™ Platform, Enterprise Edition (Java EE) perspective. Click Window > Open Perspective > J2EE.
  3. Click EJB Projects > application_name > ejbModule > META_INF.
  4. Right-click the webservices.xml file, and click Open with > Web services editor.
  5. Click the Extensions tab, which is located at the end of the web services editor within the assembly tool.
  6. Expand the Request receiver service configuration details > Required confidentiality section.
  7. Select the parts of the message to decrypt.
    The message parts selected for the request decryption on the server must match the message parts selected for the message encryption on the client. Click Add and select either of the following message parts:
    bodycontent
    The user data section of the message.
    usernametoken
    This token is the basic authentication information.

What to do next

After you specify which parts of the request message to decrypt, you must specify the method to use decrypt the message. See Configuring the server for request decryption: choosing the decryption method for more information.