To enable message security for web services endpoints deployed in Application Server, you must specify a provider to be used by default on the server side. If you enable a default provider for message security, you also need to enable providers to be used by clients of the web services deployed in Application Server. Information for enabling the providers used by clients is discussed in To enable message security for application clients.
To enable message security for web service invocations originating from deployed endpoints, you must specify a default client provider. If you enabled a default client provider for Application Server, you must ensure that any services invoked from endpoints deployed in Application Server are compatibly configured for message layer security.
In the Admin Console tree component, expand the Configuration node.
Expand the Security node.
Expand the Message Security node.
Select the SOAP node.
By default, the Message Security tab is selected.
On the Edit Message Security Configuration page, set the following fields to specify default client and server providers.
The default client provider identifies the client provider invoked for an application that does not identify a specific client provider. The default server provider identifies the server provider invoked for an application that does not identify a specific server provider. The default server provider is sometimes referred to as the default provider.
Default Provider: By default, no provider configuration is selected. To identify a server-side provider, select ServerProvider. Not selecting an option means that by default Application Server will not invoke a message security provider on the server side.
Generally select ServerProvider for this field.
Default Client Provider: By default, no provider configuration is selected. To identify a client-side provider, select ClientProvider. Not selecting an option means that by default Application Server will not invoke a message security provider on the client side.
Generally select null for this field. Select ClientProvider to enable a default provider and message protection policy to apply to the web services invocations originating from web services endpoints deployed on Application Server.
Click Save.
For instructions on how to modify message protection policies of enabled client or server providers, see To configure a message security provider.
To specify the default server provider:
asadmin set --user admin-user --port admin-port server-config.security-service.message-security-config.SOAP.default_provider=ServerProvider
To specify the default client provider:
asadmin set --user admin-user --port admin-port server-config.security-service.message-security-config.SOAP.default_client_provider=ClientProvider
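Because an unset default means no message security provider is invoked, it helps to audit the saved configuration after making these changes. The following check is an added example, not part of the original documentation or the product: it reads a domain.xml-style file and reports, per configuration, whether each SOAP default names an existing provider of the right type. The element and attribute names (message-security-config, auth-layer, default-provider, default-client-provider, provider-config, provider-id, provider-type) are assumed to follow the domain.xml layout, and the sample document is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample. Element and attribute names are assumed to follow the
# domain.xml layout; the class-name values are placeholders.
SAMPLE = """<domain><configs>
 <config name="server-config"><security-service>
  <message-security-config auth-layer="SOAP" default-provider="ServerProvider">
   <provider-config provider-id="ClientProvider" provider-type="client" class-name="example.Client"/>
   <provider-config provider-id="ServerProvider" provider-type="server" class-name="example.Server"/>
  </message-security-config>
 </security-service></config>
 <config name="other-config"><security-service>
  <message-security-config auth-layer="SOAP" default-provider="ClientProvider">
   <provider-config provider-id="ClientProvider" provider-type="client" class-name="example.Client"/>
  </message-security-config>
 </security-service></config>
</configs></domain>"""

# Which provider type each default attribute must point at.
ROLES = {"default-provider": "server", "default-client-provider": "client"}

def audit_soap_defaults(domain_xml):
    """Return {config name: {attribute: finding}} for the SOAP auth layer."""
    report = {}
    for config in ET.fromstring(domain_xml).iter("config"):
        findings = report.setdefault(config.get("name"), {})
        for msc in config.iter("message-security-config"):
            if msc.get("auth-layer") != "SOAP":
                continue
            types = {p.get("provider-id"): p.get("provider-type", "")
                     for p in msc.findall("provider-config")}
            for attr, role in ROLES.items():
                chosen = msc.get(attr)
                if not chosen:
                    findings[attr] = "unset: no %s-side provider by default" % role
                elif chosen not in types:
                    findings[attr] = "%s: no such provider-config" % chosen
                elif role not in types[chosen].split("-"):
                    findings[attr] = "%s: provider-type is %s" % (chosen, types[chosen])
                else:
                    findings[attr] = "ok: " + chosen
    return report

if __name__ == "__main__":
    for name, findings in audit_soap_defaults(SAMPLE).items():
        for attr, finding in findings.items():
            print(name, attr, finding)
```

An "unset" finding for default-client-provider matches the general recommendation above to leave that field null; an "unset" default-provider means endpoints that do not name a provider run without message security.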