Sun Microsystems 820433510 Server User Manual


  Open as PDF
of 256
 
Creating a Message Security Provider
To congure an existing provider using the Admin Console, select Conguration node > the
instance to Congure> Security node > Message Security node > SOAP node > Providers tab.
For more detailed instructions on creating a message security provider, see the Admin Console
online help.
Enabling Message Security for Application Clients
The message protection policies of client providers must be congured such that they are
equivalent to the message protection policies of the server-side providers they will be
interacting with. This is already the case for the providers congured (but not enabled) when
the Enterprise Server is installed.
To enable message security for client applications, modify the Enterprise Server specic
conguration for the application client container.
Setting the Request and Response Policy for the
Application Client Conguration
The request and response policies dene the authentication policy requirements associated with
request and response processing performed by the authentication provider. Policies are
expressed in message sender order such that a requirement that encryption occur after content
would mean that the message receiver would expect to decrypt the message before validating
the signature.
To achieve message security, the request and response policies must be enabled on both the
server and client. When conguring the policies on the client and server, make sure that the
client policy matches the server policy for request/response protection at application-level
message binding.
To set the request policy for the application client conguration, modify the Enterprise Server
specic conguration for the application client container as described in
“Enabling Message
Security for Application Clients” on page 139
. In the application client conguration le, add
the request-policy and response-policy elements as shown to set the request policy.
The other code is provided for reference. The other code may dier slightly in your installation.
Do not change it.
<client-container>
<target-server name="your-host" address="your-host"
port="your-port"/>
MessageSecurity Setup
Chapter10 • ConguringMessage Security 139
 previous next