background image

message-security-binding element

<< Specific Message Security | Using Application Server WS-Security >>
<< Specific Message Security | Using Application Server WS-Security >>
U
SING THE
A
PPLICATION
S
ERVER
M
ESSAGE
S
ECURITY
I
MPLEMENTATION
245
</java-method>
</message>
<request-protection auth-source="content" />
<response-protection auth-source="content"/>
</message-security>
</message-security-binding>
</webservice-endpoint>
</ejb>
</enterprise-beans>
</sun-ejb-jar>
In this example, the
message-security-binding
element has been added to a
web service endpoint for an enterprise bean. The elements highlighted in
bold
above are described briefly below and in more detail in the Application Server's
Application Deployment Guide. A link to this document is provided in Further
Information (page 251).
·
message-security-binding
: This element specifies a custom authentica-
tion provider binding for a parent
webservice-endpoint
or
port-info
element by binding to a specific provider and/or by specifying the message
security requirements enforced by the provider. It contains the attributes
auth-layer
and
provider-id
(optional).
·
auth-layer
: This element specifies the message layer at which authen-
tication is performed. The value must be
SOAP
.
·
provider-id
: This element is optional and specifies the authentication
provider used to satisfy application-specific message security require-
ments. If this attribute is not specified, a default provider is used, if there
is one defined for the message layer. If no default provider is defined,
authentication requirements defined in the
message-security-bind-
ing
element are not enforced.
·
message-security
: This element specifies message security require-
ments. If the grandparent element is
webservice-endpoint
, these
requirements pertain to request and response messages of the endpoint. If
the grandparent element is
port-info
, these requirements pertain to the
port of the referenced service.
·
message
: This element includes the methods (
java-method
) and oper-
ations (
method-name
) to which message security requirements apply. If
this element is not included, message protection applies to all methods.
·
request-protection
: This element defines the authentication policy
requirements of the application's request processing. It has attributes of
auth-source
and
auth-recipient
to define what type of protection is
applied and when it is applied.