Configuring SOAP message security for CICS web services
Before you configure SOAP message security for CICS® web services, make sure that you are familiar with the information in How it works: SOAP message security , Designing security for CICS web service providers, and Designing security for CICS web service requesters.
These are common configuration examples that are based on the Design examples:
- Web service provider examples.
- Web service requester examples.
When you have chosen how to secure web services, follow the instructions for the relevant tasks from Table 1.
| Activity | For web service providers | For web service requesters | Instructions |
|---|---|---|---|
| Review prerequisites for implementing WS-Security | ✓ | ✓ | Installing the prerequisites for WS-Security support |
| Configure a pipeline for SOAP message security | ✓ | ✓ | Configuring the pipeline for Web Services Security |
| Configure ICRX-based identity propagation | ✓ | n/a | Configuring provider mode web services for identity propagation |
| Sign or encrypt SOAP messages | ✓ | ✓ | Configuring RACF for Web Services Security and the instructions for signing or encrypting SOAP messages in Configuring the pipeline for Web Services Security |
| Use the Trust client interface to invoke a Security Token Service (STS) | ✓ | ✓ | Invoking the Trust client from a message handler |
| Write a custom security handler to secure SOAP messages | ✓ | ✓ | Writing a custom security handler |