Actor
roles settings Use this page to define settings for SOAP actor roles.
The SOAP
actor, also known as the SOAP role, defines the intermediary or ultimate
recipient
of a message.
Algorithms settings Use this page to view the supported cryptographic and canonicalization
algorithms. Algorithms are used to reconcile XML differences.
Application policy set settings Use this page to view, create, enable or disable your policy
sets. You can use policies, or assertions that define services, to
simplify your web services configuration.
Application policy sets collection Use this page to manage policy sets. You can create, copy,
export, and import policy sets. You can also view or delete existing
policy sets. You can use policy sets, or assertions that define services,
to simplify your web services configuration because policy sets group
security and other web services settings into reusable units.
Asymmetric signature and encryption policies settings Use this page to create the trust context, message integrity and
confidentiality, to use asymmetric tokens. You can create the trust context
by specifying which token type to use for the initiator and recipient signature
as well as the initiator and recipient encryption.
Authentication generator or consumer token settings Authentication tokens are used to prove or assert an identity.
Use the administrative console to add authentication token settings
for message parts when you are editing a general binding.
Callback handler settings for JAX-WS Use this page to configure callback handler settings for JAX-WS,
which determine how security tokens are acquired from messages headers.
Caller collection The caller specifies the token or message part that you
want to use for authentication. Use this administrative console page
to access, view and configure the caller settings for message parts.
Caller settings Use this page to configure the caller settings. The caller
specifies the token or message part that is used for authentication.
Certificate store settings Use this page to specify the location where certificates
are stored. You can reference certificate revocation for service generators
or consumers.
Copy policy set binding settings Use this page to view and copy general policy set bindings
for either a single security or a multiple security domain environment.
Creating new or configuring existing general binding settings Use this page to create a new client or provider policy
set binding. You can also use this page to configure an existing general
binding. Empty bindings will be deleted. Scoping a binding to a security
domain constrains the configuration options to those applicable to
that domain and limits use of the binding to the specified domain.
Custom keystore settings Use this page to configure custom keystore files. Custom
keystore files are alternatives to the key management support built
into the WebSphere Application Server. The callback
handler uses the custom version of the keystore configuration that
includes keys.
Default policy set bindings collection Use this page to specify the service provider and client
default bindings. The specified service provider and client bindings
are used at the cell (global security) level unless these specified
bindings are overridden at the attachment point, at the server, or
at a security domain.
Encrypted message part settings Use this page to define the elements of an encrypted part
of a message. Encrypted parts are used to protect message confidentiality,
and in this case, the encrypted parts are being defined as part of
the policy set process. A message part is a named set of one or more
message elements.
Export policy sets bindings settings This task only applies to general client or provider bindings.
Use this page to export either a client or provider policy set binding
for reuse.
HTTP transport policy settings Use this page to define HTTP transport policy configuration.
HTTP features and HTTP connection policies are applied to outbound
messages. Any changes to the HTTP transport policy from this console
page affects all Java API for XML-Based Web Services
(JAX-WS) applications to which this custom HTTP transport policy is
attached.
JMS transport bindings Use this page to define the Java Message
Service (JMS) transport provider or client bindings configuration.
JMS transport policy settings Use this page to configure settings for the Java Message Service (JMS) transport policy.
You can configure a client that is using the JMS transport policy
to exchange request and response messages with the server.
Key information settings Use this page to configure the key information for the
selected policy set binding. Key information attributes define how
cryptographic keys are generated or consumed.
Keys and certificates Use this page to link to key and certificate binding configuration
panels. This panel defines key and certificate bindings for JAX-WS
web services only. These keys and certificates can be centrally managed
by the product or in an external keystore.
Main policy and bootstrap policy settings Use this page to specify how message security policies
are applied to requests and enforced on responses, as defined by the
main policy settings and the bootstrap policy settings. Assertions
for Web Services Security (WS-Security) versions are already generated
based on assertions in the policy set. If the policy set includes
a Web Services Security Version 1.1 assertion, then Web Services Security
Version 1.1, itself, is asserted.
Message
expiration settings Use this page to define settings for message expiration,
if and
when messages expire. When you specify message expiration, the message
expires
after the specified interval of time passes.
Message part protection settings Use this page to define the message parts that you want
protected and how that protection is provided.
Policies applied settings Use this panel to view and change whether the policy configuration
of a WebSphere Application Server service
client is configured dynamically, based on the policies supported
by its service provider. You can view or change how the client obtains
the policy of the service provider; the client can use an HTTP GET
request or a Web Services Metadata Exchange (WS-MetadataExchange)
request. You can specify a policy set and binding to provide message-level
security for WS-MetadataExchange requests or to specify HTTP transport
and SSL transport configuration for HTTP GET requests.
Policy set bindings settings Use this page to view or define general, application specific,
or trust service specific bindings configuration information for policies
that you can associate with the selected policy set. This bindings
configuration information is specific to a system. Use the links on
this page to work with bindings for each specific policy.
Policy
set bindings settings for WS-Security Use this page to view, define or configure general bindings
and application specific properties for the WS-Security policy. You
can configure the main policy or the secure conversation bootstrap
policy by editing the general bindings.
Policy sharing settings Use this pane to view and change whether the policy configuration
of a web services service provider is shared. You can configure the
service provider to include the policy configuration in its Web Services
Description Language (WSDL) so that it can be accessed using an HTTP
Get request, or published. You can also make the policy configuration
available to a Web Services Metadata Exchange (WS-MetadataExchange)
request.
Protection token settings (generator or consumer) Use this page to configure protection tokens. Protection
tokens sign messages to protect integrity or encrypt messages to provide
confidentiality.
SSL
transport security settings Use this page to define
the secure sockets layer (SSL) transport
policy binding configuration.
Search attached applications collection Use this page to search for applications and other resources
that are attached to a specific policy set or to search for applications
and other resources that have attached service resources.
Server Version 6.1 default policy set bindings Use this page to specify the server Version 6.1 default
policy set bindings for this server. These default bindings are used
for client and provider policy set attachments for applications that
are deployed to Version 6.1 servers, and for Version 6.1 applications
that are deployed to Version 7.0 servers. The default bindings are
used for Version 6.1 attachments unless overridden at the attachment
point.
Server default binding settings Use this page to specify the server default bindings if
you want to override the default bindings that are specified for the
cell (global security) or the security domain to which the server
is deployed.
Service client or provider policy set bindings collection Use this page to create, copy, and manage general policy
set bindings, such as the service client or provider bindings. These
bindings provide system-specific configuration, and can be reused
across policy set attachments. You can select the general default
bindings, create new general bindings, or use existing bindings for
an attached policy set.
Signed or Encrypted message part settings Use this page to configure or create new signed or encrypted
message parts. Message part bindings define how the part (which is
defined in a policy set) is handled.
Signed part reference default bindings settings Use this administrative console page to configure the signed part
reference general bindings and the uniform resource locator (URL) for the
transform algorithms that are needed to protect the message part.
Signed part settings Use this page to define the elements of a signed part. Signed parts
are used to protect message integrity and, in this case, the signed parts
are being defined as part of the policy set process.
Symmetric signature and encryption policies settings Use this page to create the trust context to use symmetric tokens.
Using the same token for signing and validating messages and encrypting and
decrypting messages increases performance. Use symmetric tokens within a trust
context.
System policy set collection Use this panel to create and manage policy sets. A policy
set is a named collection of policies. System policy sets, or assertions
about how services are defined, are used to configure access to the
trust service.
System policy set settings Use this panel to create a new system policy set or to
edit information about an existing custom system policy set. System
policy sets, or assertions about how services are defined, are used
to configure access to the trust service.
Token type settings Use the administrative console to define the details about
the token types. This panel is displayed differently for each different
token type. Policies can be defined that specify which types of security
tokens are supported as well as properties for the token type.
Transform algorithms settings Use this administrative console page to select the uniform
resource locator (URL) for the transform algorithms that are needed
to protect the message part.
Trust anchor settings Use this page to specify the trust anchor configuration.
These trust anchor certificates are used to validate the X.509 certificate
that is embedded in the SOAP message.
Version 6.1 default policy set bindings Use this page to specify Version 6.1 default policy set
bindings for the cell (global security). These bindings are used for
both client and provider policy set attachments within Version 6.1
applications and attachments to service applications that are deployed
to a Version 6.1 server. These default bindings are used for Version
6.1 attachments unless they are overridden at the attachment point
or by a Version 6.1 server default binding.
WS-Addressing policy settings Use this page to define the appropriate WS-Addressing policy
assertions for this policy set.
WS-ReliableMessaging
policy binding To configure a web service application to use WS-ReliableMessaging, you attach a policy set that contains a WS-ReliableMessaging policy type. This policy type offers a range of qualities of service: managed persistent, managed non-persistent, or unmanaged non-persistent. The managed qualities of service, managed persistent and managed non-persistent, are supported by the service integration bus. Use this page to select the bus and messaging engine to use for the reliable messaging protocol state.
WS-ReliableMessaging
settings For the WS-ReliableMessaging policy you can configure the version of the WS-ReliableMessaging standard that you want to use, the order in which messages are delivered, and the required quality of service (the reliability level) for message delivery. The
product can enforce these policies on inbound messages and applies
them to outbound messages.
WS-Security
authentication and protection Use the links on this page to configure authentication,
protection, signature, and encryption information that the policy
requires.
WS-Security policy settings Use this page to configure the WS-Security policy and apply a message
security WS-Security profile to requests. WS-Security policies are applied
to requests and enforced on responses to support inter-operability.
WS-Transaction policy settings Use this page to specify the policies for the WS-AtomicTransaction
(WS-AT) and WS-BusinessActivity (WS-BA) protocols. WS-AT supports
coordination of activities so that either all the activities occur,
or none of them occur. WS-BA supports coordination of activities that
are more loosely coupled than atomic transactions, and that therefore,
require a compensation process if an error occurs.
Web Services Addressing policy set binding Use this page to modify the endpoint reference binding
for Web Services Addressing (WS-Addressing). The product enforces
this binding on JAX-WS web service applications that use WS-Addressing.
This panel applies only to the WebSphere Application Server, Network Deployment version of the
product.