Sun Microsystems 820433510 Server User Manual


 
TABLE 10–1 Message protection policy to WS-Security SOAP message security operation mapping (Continued)

| Message Protection Policy | Resulting WS-Security SOAP message protection operations |
|---|---|
| auth-recipient="before-content" OR auth-recipient="after-content" | The content of the SOAP message Body is encrypted and replaced with the resulting xenc:EncryptedData. The message contains a wsse:Security header that contains an xenc:EncryptedKey. The xenc:EncryptedKey contains the key used to encrypt the SOAP message body. The key is encrypted in the public key of the recipient. |
| No policy specified. | No security operations are performed by the modules. |

Configuring Other Security Facilities
The Enterprise Server implements message security using message security providers
integrated in its SOAP processing layer. The message security providers depend on other
security facilities of Enterprise Server.
1. If using a version of the Java SDK prior to version 1.5.0, and using encryption technology, configure a JCE provider.
2. Configuring a JCE provider is discussed in “Configuring a JCE Provider” on page 135.
3. If using a username token, configure a user database, if necessary. When using a username/password token, an appropriate realm must be configured and an appropriate user database must be configured for the realm.
4. Manage certificates and private keys, if necessary.
After You Finish
Once the facilities of the Enterprise Server are configured for use by message security providers,
then the providers installed with the Enterprise Server may be enabled as described in
“Enabling Providers for Message Security” on page 137.
Configuring a JCE Provider
The Java Cryptography Extension (JCE) provider included with J2SE 1.4.x does not support
RSA encryption. Because the XML Encryption defined by WS-Security is typically based on
RSA encryption, in order to use WS-Security to encrypt SOAP messages you must download
and install a JCE provider that supports RSA encryption.
Note: RSA is public-key encryption technology developed by RSA Data Security, Inc. The
acronym stands for Rivest, Shamir, and Adleman, the inventors of the technology.
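
To confirm that the runtime in use has an RSA-capable JCE provider before enabling encryption policies, the following check can be run on the server's JVM. It is an added example, not code from the manual or from Enterprise Server. It lists the providers that register an RSA cipher and performs the same kind of key transport the table above describes for xenc:EncryptedKey (a content key encrypted in the recipient's public key). The class name, the RSA/ECB/PKCS1Padding transformation, the AES content key, and the syntax level (Java 5 or later) are assumptions.

```java
import java.security.*;
import java.util.*;
import javax.crypto.*;

public class RsaProviderCheck {
    // Assumption: RSA with PKCS#1 v1.5 padding as the key-transport transformation.
    static final String RSA = "RSA/ECB/PKCS1Padding";

    /** Names of installed providers that register an RSA Cipher service. */
    static List<String> rsaCipherProviders() {
        List<String> names = new ArrayList<String>();
        for (Provider p : Security.getProviders()) {
            if (p.getService("Cipher", "RSA") != null) names.add(p.getName());
        }
        return names;
    }

    /** Wraps a fresh content key under an RSA public key, then unwraps it. */
    static boolean keyTransportRoundTrip() throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair recipient = kpg.generateKeyPair();  // constructed test key pair

        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey contentKey = kg.generateKey();    // stands in for the Body encryption key

        Cipher wrap = Cipher.getInstance(RSA);
        wrap.init(Cipher.WRAP_MODE, recipient.getPublic());
        byte[] encryptedKey = wrap.wrap(contentKey); // what an EncryptedKey would carry

        Cipher unwrap = Cipher.getInstance(RSA);
        unwrap.init(Cipher.UNWRAP_MODE, recipient.getPrivate());
        Key recovered = unwrap.unwrap(encryptedKey, "AES", Cipher.SECRET_KEY);
        return Arrays.equals(contentKey.getEncoded(), recovered.getEncoded());
    }

    public static void main(String[] args) {
        System.out.println("Providers with an RSA Cipher: " + rsaCipherProviders());
        try {
            System.out.println("RSA key transport works: " + keyTransportRoundTrip());
        } catch (NoSuchAlgorithmException e) {
            // Thrown when no installed provider offers the RSA transformation.
            System.out.println("No installed JCE provider supports " + RSA + ": " + e.getMessage());
        } catch (GeneralSecurityException e) {
            System.out.println("RSA is registered but the round trip failed: " + e);
        }
    }
}
```

An empty provider list or the NoSuchAlgorithmException branch indicates that an RSA-capable JCE provider still has to be installed.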
Configuring the Enterprise Server for Message Security
Chapter 10 • Configuring Message Security 135