beautypg.com

Creating a message security provider, Enabling message security for application clients – Sun Microsystems GLASSFISH ENTERPRISE 820433510 User Manual

Page 139

background image

Creating a Message Security Provider

To configure an existing provider using the Admin Console, select Configuration node > the
instance to Configure> Security node > Message Security node > SOAP node > Providers tab.

For more detailed instructions on creating a message security provider, see the Admin Console
online help.

Enabling Message Security for Application Clients

The message protection policies of client providers must be configured such that they are
equivalent to the message protection policies of the server-side providers they will be
interacting with. This is already the case for the providers configured (but not enabled) when
the Enterprise Server is installed.

To enable message security for client applications, modify the Enterprise Server specific
configuration for the application client container.

Setting the Request and Response Policy for the
Application Client Configuration

The request and response policies define the authentication policy requirements associated with
request and response processing performed by the authentication provider. Policies are
expressed in message sender order such that a requirement that encryption occur after content
would mean that the message receiver would expect to decrypt the message before validating
the signature.

To achieve message security, the request and response policies must be enabled on both the
server and client. When configuring the policies on the client and server, make sure that the
client policy matches the server policy for request/response protection at application-level
message binding.

To set the request policy for the application client configuration, modify the Enterprise Server
specific configuration for the application client container as described in

“Enabling Message

Security for Application Clients” on page 139

. In the application client configuration file, add

the request-policy and response-policy elements as shown to set the request policy.

The other code is provided for reference. The other code may differ slightly in your installation.
Do not change it.

"your-host" address="your-host"

port=

"your-port"/>

Message Security Setup

Chapter 10 • Configuring Message Security

139

See also other documents in the category Sun Microsystems Computers: