Modifying an existing WS-Security configuration
You can add or modify the configuration details for a WS-Security configuration that is configured for use with service integration bus-enabled web services. You use WS-Security configurations to secure the SOAP messages that pass between service requesters (clients) and inbound services, and between outbound services and target web services.
About this task
WS-Security configurations specify the level of security that you require (for example The
body must be signed
). This level of security is then implemented through the run-time
information contained in a WS-Security binding. You receive the security configuration information direct from the
service requester or target service provider, in the form of an
ibm-webservicesclient-ext.xmi
file for the client, and an
ibm-webservices-ext.xmi
file for the target web service, which contain the
information about the levels of security (integrity, confidentiality and identification) that are
required. You extract the information from these .xmi
files, then manually enter it
into the WS-Security configuration forms.
Configurations are administered independently from any web service that uses them, so you can create a configuration then apply it to many web services. However, the security requirements for an inbound service (which acts as a target web service) are significantly different to those required for an outbound service (which acts as a client). Consequently, configurations are further divided by service type (inbound or outbound).
To list the WS-Security configurations, and to view and modify their configuration details, complete the following steps: