77 lines
3.0 KiB
HTML
77 lines
3.0 KiB
HTML
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||
|
|
<html>
|
||
|
|
<head>
|
||
|
|
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
|
||
|
|
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
|
||
|
|
|
||
|
|
<title>Request sender</title>
|
||
|
|
</head>
|
||
|
|
|
||
|
|
<BODY>
|
||
|
|
<!-- Java sync-link -->
|
||
|
|
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
|
||
|
|
|
||
|
|
<h6><a name="wssecreqsend"></a>Request sender</h6>
|
||
|
|
|
||
|
|
<p>The security handler on the request sender side of the SOAP message
|
||
|
|
enforces the security constraints, located in the <tt>ibm-webservicesclient-ext.xmi</tt> file, and bindings, located in the <tt>ibm-webservicesclient-bnd.xmi file</tt>.
|
||
|
|
These constraints and bindings apply both to J2EE application clients or when
|
||
|
|
Web services is acting as a client. The security handler acts on the security
|
||
|
|
constraints before sending the SOAP message. For example, the security handler
|
||
|
|
might digitally sign the message, encrypt the message, create a time stamp,
|
||
|
|
or insert a security token.</p>
|
||
|
|
|
||
|
|
<p>The security handler on the request sender side of the Simple Object Access
|
||
|
|
Protocol (SOAP) message enforces the security constraints, located in the
|
||
|
|
<tt>ibm-webservicesclient-ext.xmi</tt> file, and the bindings, located in the
|
||
|
|
<tt>ibm-webservicesclient-bnd.xmi</tt> file. These constraints and bindings apply both to
|
||
|
|
J2EE application clients or when Web services is acting as a client. The security handler
|
||
|
|
acts on the security constraints before sending the SOAP message. Request sender security
|
||
|
|
constraints must match the security constraint requirements defined in the request
|
||
|
|
receiver. For example, the security handler might digitally sign the message, encrypt
|
||
|
|
the message, create a time stamp, or insert a security token. You can specify
|
||
|
|
the following security requirements for the request sender and apply them
|
||
|
|
to the SOAP message:</p>
|
||
|
|
|
||
|
|
<dl>
|
||
|
|
<dt><strong>Integrity (digital signature)</strong></dt>
|
||
|
|
<dd>You can select multiple parts of a message to sign digitally. The following
|
||
|
|
list contains the integrity options:
|
||
|
|
<ul>
|
||
|
|
<li>Body</li>
|
||
|
|
<li>Time stamp</li>
|
||
|
|
<li>Security token</li>
|
||
|
|
</ul>
|
||
|
|
</dd>
|
||
|
|
<dt><strong>Confidentiality (encryption)</strong></dt>
|
||
|
|
<dd>You can select multiple parts of a message to encrypt. The following list
|
||
|
|
contains the confidentiality options:
|
||
|
|
<ul>
|
||
|
|
<li>Body content</li>
|
||
|
|
<li>Username token</li>
|
||
|
|
</ul>
|
||
|
|
</dd>
|
||
|
|
<dt><strong>Security token</strong></dt>
|
||
|
|
<dd>You can insert only one token into the message. The following list contains
|
||
|
|
the security token options:
|
||
|
|
<ul>
|
||
|
|
<li>Basic authentication, which requires both a user name and a password</li>
|
||
|
|
<li>Identity assertion, which requires a user name only</li>
|
||
|
|
<li>X.509 binary security token</li>
|
||
|
|
<li>Lightweight Third Party Authentication (LTPA) binary security token</li>
|
||
|
|
<li>Custom token , which is pluggable and supports custom-defined tokens in
|
||
|
|
the SOAP message</li>
|
||
|
|
</ul>
|
||
|
|
</dd>
|
||
|
|
<dt><strong>Timestamp</strong></dt>
|
||
|
|
<dd>You can have a time stamp to indicate the timeliness of the
|
||
|
|
message.
|
||
|
|
<ul>
|
||
|
|
<li>Timestamp</li>
|
||
|
|
</ul>
|
||
|
|
</dd>
|
||
|
|
</dl>
|
||
|
|
</p>
|
||
|
|
</body>
|
||
|
|
</html>
|