Securing WSIF
The steps to be taken to enable the Web Services Invocation Framework (WSIF) to interact with a security manager.
About this task
WSIF interacts with a security manager in the following
ways:
- WSIF runs in the Java™ Platform, Enterprise Edition (Java EE) security context without modification.
- When WSIF is run under a Java EE container, port implementations can use the security context to pass on security tokens or credentials as necessary.
- WSIF implementations can automatically convert Java EE security context into appropriate context for onward services.
For WSIF to interact effectively with the WebSphere® Application Server security manager, complete the following step:
Procedure
To load the Web Services Description Language (WSDL) file,
enable the FilePermission attribute in the
was.policy file.
This permission is required when a WSDL file is referred to
using the
file:// protocol.