Configuring the Application Server for Message Security

Message Security enables a server to perform end-to-end authentication of web service invocations and responses at the message layer. The Application Server implements message security using message security providers on the SOAP layer. The message security providers provide information such as the type of authentication that is required for the request and response messages. The types of authentication that are supported include the following:

Two message security providers are included with this release. The message security providers can be configured for authentication for the SOAP layer. The providers that can be configured include ClientProvider and ServerProvider.

Support for message layer security is integrated into the Application Server and its client containers in the form of (pluggable) authentication modules. By default, message layer security is disabled on the Application Server.

To enable and configure message layer security, follow these steps:

  1. If using a version of the Java SDK prior to version 1.5.0, and using encryption technology, configure a JCE provider.
  2. Configuring a JCE provider is discussed in "Configuring a JCE Provider".

  3. If using a username token, configure a user database, if necessary. When using a username/password token, an appropriate realm must be configured and an appropriate user database must be configured for the realm.
  4. Configuring a user database is discussed in "Editing a Realm".

  5. Manage keystore and truststore files, if necessary.
  6. Managing keystore and truststore files is discussed in "About Certificate Files".

  7. Enable message security for all applications for which a specific provider has not been bound by specifying a message security configuration.
  8. Specifying a message security configuration is discussed in "Enabling Providers for Message Security".

  9. Configure the message security providers enabled in the previous step.
  10. Configuring the message security providers is discussed in "Configuring a Message Security Provider".

  11. Configure the application client container for message security. This defines the client’s view of what is required of client applications.
  12. Configuring the application client container for message security is discussed in "Enabling Message Security for Client Applications".

See Also:


Legal Notices