Administration Console Online Help

    Previous Next  Open TOC in new window 
Content starts here

Create a Web Service security configuration


When a deployed WebLogic Web Service has been configured to use message-level security (encryption and digital signatures, as described by the WS-Security specification), the Web Services runtime determines whether a Web Service security configuration is also associated with the service. This security configuration specifies information such as whether to use an X.509 certificate for identity, whether to use password digests, the keystore to be used for encryption, and so on. A single security configuration can be associated with many Web Services.

WebLogic Web Services are not required to be associated with a security configuration; if the default behavior of the Web Services security runtime is adequate then no additional configuration is needed. If, however, a Web Service requires different behavior from the default (such as using an X.509 certificate for identity, rather than the default username/password token), then the Web Service must be associated with a security configuration.

At development time, a programmer uses the @weblogic.jws.security.WssConfiguration JWS annotation in the JWS file that implements the Web Service to specify the name of the security configuration that is associated with the Web Service. The following procedure describes how to create this security configuration using the Administration Console. Later you can update this configuration with the specific security behavior required by the Web Service.

When the programmer uses the @WssConfiguration JWS annotation, they specify the name of the associated security configuration using the value attribute; if the programmer does not specify this attribute, then the service is associated with the default security configuration: default_wss. This default security configuration must also be explicitly created using the Administration Console, as described in this procedure.

The following procedure describes how to create a simple Web Services security configuration.

  1. If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
  2. In the left pane of the Administration Console, click the name of your domain. This is the top-level node of the navigation tree.
  3. In the right pane, select Web Service Security.
  4. Click New.
  5. In the Web Service Security Configuration Name field, enter the name of the new Web Service security configuration.

    If you are creating the default one, call it default_wss. If you are creating one that a particular Web Service needs, name it the same as the value attribute of the corresponding @WssConfiguration annotation.

  6. Click OK.
  7. To activate these changes, in the Change Center of the Administration Console, click Activate Changes.
    Not all changes take effect immediately—some require a restart (see Use the Change Center).

After you finish

The preceding task describes how to create an empty Web Services security configuration. The following tasks describe how to update this configuration to change specific security behavior:

You must also redeploy any Web Service to which this new security configuration is associated so that the new security behavior can take effect.


  Back to Top