Configuring secure transmission of SOAP messages by using WS-Security
Configure service integration technologies for secure transmission of SOAP messages by using tokens, keys, signatures and encryption in accordance with the Web Services Security (WS-Security) specification.
Before you begin
You can configure the service integration bus for secure transmission of SOAP messages by using tokens, keys, signatures and encryption in accordance with the Web Services Security (WS-Security) 1.0 specification.
You can only use WS-Security with web service applications that comply with the Web Services for Java Platform, Enterprise Edition (Java EE) or Java Specification Requirements (JSR) 109 specification. For more information, see Web Services Security and Java Platform, Enterprise Edition security relationship. For information about how to make your web service applications JSR-109 compliant, see topics about developing JAX-RPC web services clients or JAX-WS clients.
About this task
- WS-Security bindings.
- WS-Security configurations.
The configurations resource type specifies the level of security that you require
(for example The body must be signed
), and the bindings resource type provides
the information that the run-time environment needs to implement the configuration (for example
To sign the body, use this key
),
When you associate a WS-Security resource with a port, you choose from a list of WS-Security resources that you have previously configured as described in the following topics:
Procedure
What to do next
For an overview of how WS-Security is applied to service integration bus-deployed web services, see Service integration technologies and WS-Security. For detailed information about how WS-Security is implemented in WebSphere Application Server, see Overview of standards and programming models for web services message-level security. For more information about the WS-Security standard, see the Web Services Security (WS-Security) 1.0 specification.