Configuring a policy set and bindings for Asymmetric XML Digital Signature or XML Encryption by using application-specific bindings
This procedure describes how to configure the message-level WS-Security policy set and bindings to sign and encrypt a SOAP message using asymmetric XML Digital Signature and Encryption with application specific bindings. As part of this procedure you must specify whether you will sign and/or encrypt both the request and response messages.
Before you begin
This task assumes that the service provider and client that you are configuring are in the
JaxWSServicesSamples
application. For more information about obtaining this
application, see Obtaining the JAX-WS Web Services samples.
*=info:com.ibm.wsspi.wssecurity.*=all:com.ibm.ws.webservices.wssecurity.*=all:
com.ibm.ws.wssecurity.*=all: com.ibm.xml.soapsec.*=all: com.ibm.ws.webservices.trace.*=all:
com.ibm.ws.websvcs.trace.*=all:com.ibm.ws.wssecurity.platform.audit.*=off:
About this task
This procedure explains the actions you need to complete to configure a WS-Security policy set to use the asymmetric XML-Digital Signature and Encryption WS-Security constraints. This procedure also explains the actions you need to complete to configure asymmetric XML Digital Signature and Encryption application specific custom bindings for a client and provider.
The keystores that are used in this procedure are provided with WebSphere® Application Server and are installed in every profile that is created. You can use the ${USER_INSTALL_ROOT} variable directly in the configuration to conveniently point to the keystore locations without using a fully qualified path. ${USER_INSTALL_ROOT} resolves to a path such as c:/WebSphere/AppServer/profiles/AppSrv01.
${USER_INSTALL_ROOT}/etc/ws-security/samples/dsig-sender.ks
${USER_INSTALL_ROOT}/etc/ws-security/samples/dsig-receiver.ks
${USER_INSTALL_ROOT}/etc/ws-security/samples/enc-sender.jceks
${USER_INSTALL_ROOT}/etc/ws-security/samples/enc-receiver.jceks
Procedure
Results
The JaxWSServicesSamples web services application is configured to use asymmetrical XML Digital Signature and Encryption to protect your SOAP requests and responses.