background image

Configuring the Application Server

<< Application Server Message Security | Specific Message Security >>
<< Application Server Message Security | Specific Message Security >>
U
SING THE
A
PPLICATION
S
ERVER
M
ESSAGE
S
ECURITY
I
MPLEMENTATION
243
Server, where they are available for binding for use by the containers, or by indi-
vidual applications or clients deployed in the containers. During installation, the
providers are configured with a simple message protection policy that, if bound
to a container, or to an application or client in a container, would cause the
source of the content in all request and response messages to be authenticated by
XML digital signature.
By default, message layer security is disabled on the Application Server. To con-
figure message layer security at the Application Server level, read Configuring
the Application Server for Message Security (page 243). To configure message
security at the application level, read Configuring Application-Specific Message
Security (page 244).
Configuring the Application Server for
Message Security
The following steps briefly explain how to configure the Application Server for
message security. For more detailed information on configuring the Application
Server for message security, refer to the Application Server's Administration
Guide. For a link to this document, see Further Information (page 251).
To configure the SOAP layer message security providers in the client and server-
side containers of the Application Server, follow these steps:
1. Start the Application Server as described in Starting and Stopping the
Application Server (page 28).
2. Start the Admin Console, as described in Starting the Admin
Console (page 29).
3. In the Admin Console tree component, expand the Configuration node.
4. Expand the Security node.
5. Expand the Message Security node.
6. Select the SOAP node.
7. Select the Message Security tab.
8. On the Edit Message Security Configuration page, specify a provider to be
used on the server side and/or a provider to be used on the client side for
all applications for which a specific provider has not been bound. For more
description of each of the fields on this page, select Help from the Admin
Console.
9. Select Save.