Securing a Web Service

To secure a web service using username-password tokens, digital signatures, and/or encryption, follow these steps.

Before securing a web service, make sure that the Application Server is set up as described in "Configuring the Application Server for Message Security", and that default providers have been enabled, as described in "Enabling Providers for Message Security" and "Enabling Message Security for Client Applications".

  1. Set the request policy on the Application Server as described in "Configuring a Message Security Provider". The request policy defines the authentication policy requirements associated with request processing performed by the authentication provider. Table 0-1 shows the complete set of options and the results of selecting those options. Some options include:
  2. Set the request policy in the application client configuration file following the steps described in "Setting the Request and Response Policy for the Application Client Configuration".
  3. Deploy the web service as you would any web service.
  4. Access the web service’s application client.

See Also:


Legal Notices