In order to secure Web Services providers, you must first create the Web Service provider by referring to Creating Mobile Web Services providers
. During the creation process, ensure you check Configure Security
. Perform the following procedure to configure Web services security to secure Web Services providers:
- Select the Web services name and port from the drop down menu.
- Configure Web Services Security:
- Select the Web Services name and port from the drop down menu.
- Under 'How to create Web Services Security configuration', select the appropriate choice. For a test case, select Template configuration, then select the Server type and the Security template from the drop down menus.
- Use other Lotus® Expeditor 6.x configuration
If you browse a folder including the existing WS-Security configurations for the Lotus Expeditor under the other existing project, you can import the configurations into the working project.
- Import WebSphere® Application Server 6.x configuration
If you browse a folder including the existing WS-Security configurations for the WAS 6.0 client, you can import the configurations into the working project.
- Use template configuration
If you select one client type and one security template, you can use the predefined configurations in the working project.
The following is a list of client types:
- Lotus Expeditor 6.x
- WebSphere Application Server 6.x
- WebSphere Application Server 5.x
The following is a list of security templates:
- Signing and encryption
- Signing only
- Encryption only
- Basic authentication only
- Signing and basic authentication
- Encryption and basic authentication
- Signing, encryption, and basic authentication
After completing the above procedure, the WS-Security Provider Editor appears. Some files may be created or modified, as follows:
- WS-Security-related code is inserted in the file BundleActivator.java under the working project
- The files ibm-webservices-ext.xmi, ibm-webservices-bnd.xmi, serverSample.jks, and wssecurity.xml are generated in the export directory of the package containing the file BundleActivator.java.
is designed for testing only. You should use your own key store file instead of serverSample.jks
for commercial use to avoid security exposure. Anyone who can read this document can access the serverSample.jks
The DeviceEE profile cannot read the file serverSample.jks that is created using other profiles such as Java
™ SE due to the limitation of the DeviceEE profile's ability to read a keystore and vice versa.
At this point, you may re-deploy your Web Services provider with security enabled, but if you want to change the WS-Security configurations in the working project, you can edit them with the WS-Security Provider Editor. To understand more details of how to edit the WS-Security configurations, please refer to Editing the Mobile Web Services security configuration
Parent topic: Securing Mobile Web Services