With digital signature authentication, the client generates a security token, based on a digital signature, and embeds it in the SOAP message. For more information about digital signatures, see XML digital signature.
The server then extracts the token and validates it by using a Java Authentication and Authorization Service (JAAS) login module. For more information, see Digital signature authentication method.
Note: To use the digital signature authentication mechanism for Web services, you must configure WebSphere global security. For more information, see Configure global security in the Security topic.
Perform the following steps to configure the digital signature authentication mechanism for your Web service: