To configure create a new message security provider, follow these steps:
In the Admin Console tree component, expand the Configuration node.
Expand the Security node.
Expand the Message Security node.
Select the SOAP node.
Select the Providers tab.
On the Provider Configuration page, click New.
The New Provider Configuration page appears.
In the Provider Configuration section, enter the following:
Default Provider - Check the box beside this field to make the new message security provider the default provider. The default provider will be invoked for any application that does not identify a specific provider. Whether the provider is the default client provider, the default server provider, or both is determined by Provider Type.
Provider Type - Select client, server, or client-server to establish whether the provider is the client authentication provider, a server authentication provider, or both (a client-server provider).
Provider ID - Enter an identifier for this provider configuration. This name will appear in the Current Provider Configurations list.
Class Name - Enter the Java implementation class of the provider. Client authentication providers must implement the com.sun.enterprise.security.jauth.ClientAuthModule interface. Server-side providers must implement the com.sun.enterprise.security.jauth.ServerAuthModule interface. A provider may implement both interfaces, but it must implement the interface corresponding to its provider type.
Specify the request policy, if desired.
The request policy determines the request processing that the authentication provider performs. The following properties are optional, but if not specified, the authentication provider does not authenticate request messages. The Request Policy section contains these fields:
Authentication Source - Select sender to specify message-layer sender authentication (for example, username and password) of request messages. Select content to specify content authentication (for example, digital signature) of request messages. Select nothing (blank) to not authenticate the source of requests.
Authentication Recipient - Select Before Content or After Content to require message-layer authentication of the receiver of the request message to its sender (by XML encryption). If the value is not specified it defaults to After Content. Policies are expressed in message sender order so After Content means the message receiver decrypts the message before validating the signature.
For a description of the actions performed by the SOAP message security providers, see Request and Response Policy Configurations.
Specify the response policy, if desired.
The response policy determines the response processing that the authentication provider performs. These properties are optional, but if not specified, no authentication is applied to response messages.
Authentication Source - Select sender to specify message-layer sender authentication (for example, username password) of response messages. Select content to specify content authentication (for example, digital signature) of response messages. Select nothing (blank) to not authenticate response sources.
Authentication Recipient - Select Before Content or After Content to define a requirement for message-layer authentication of the receiver of the response message to its sender (by XML encryption). When the value is not specified it defaults to After Content. Policies are expressed in message sender order so After Content means the message receiver decrypts the message before validating the signature.
For a description of the actions performed by the SOAP message security providers as a result of the following message protection policies see Request and Response Policy Configurations.
Add additional properties by clicking the Add Property button.
The provider shipped with Application Server supports the following property: server.config - The directory and file name of an XML file that contains the server configuration information. For example, domain-dir/config/wss-server-config.xml.
If you are using another other provider, refer to its documentation for more information on properties and valid values.
Click OK to save this configuration, or click Cancel to quit without saving.
create-message-security-provider