To Create a Message Security Provider

You can add or edit or modify the message protection policy. The provider type, implementation class, and provider-specific configuration properties should be modified.

1. Login to the Admin Console.

2. Select the configuration you want to modify and click Edit Configuration.

3. Click the Java tab.

4. Click the Authentication tab and scroll down to the SOAP Authentication.

   • To modify an existing provider, select the provider name and edit the values.

5. Click New to add a provider.

6. Add the new provider information

   In this page, following information is available for modification.

   ---

   Note –

   Only Name and class Name are required. If these two fields are not specified, no authentication is applied to request or response messages. All other values are optional.

   ---

   • Name: Identifier for this provider. You can use this identifier name to specify the default provider when using wadm.

   • Class Name: The Java implementation class of the provider. Server-side providers must implement the com.sun.enterprise.security.jauth.ServerAuthModule interface.

     The request policy defines the authentication policy requirements associated with request processing performed by the authentication provider. Type the policies in message-sender order. For example, a requirement that encryption occur after content means that the message receiver expects to decrypt the message before validating the signature.

   • Request Authentication Source— Possible values are:

     • sender: Message-layer sender authentication, such as username and password

     • content: Content authentication, for example, digital signature

     • null: Source authentication of the request is not required

7. Click the Add Property button to add additional properties.

   The provider shipped with the Web Server requires the server-config property. If other providers are used, refer to their documentation for more information on properties and valid values.

   • server.config: The directory and file name of an XML file that contains the server configuration information. This file is in the following location install_dir/samples/java/webapps/webservices/security/etc/wss-server-config-2.0.xml.

8. Click OK.

Example 3–1 To set the response policy, replace the word request in the following commands with response.

• Create a message security provider msgsecurity-provider:../bin/wadm create-soap-auth-provider --port=8989 --user=admin --password-file=/tmp/admin.passwd --config=test --class=com.sun.xml.wss.provider.ServerSecurityAuthModule --request-policy-auth-source=content --request-policy-auth-recipient=before-content --request-policy-auth-recipient=before-content --request-policy-auth-recipient=before-content msgsecurity-provider

• Add the required property server.config:../bin/wadm set-soap-auth-provider-prop --port=8989 --user=admin --password-file=/tmp/admin.passwd --config=test --provider=msgsecurity-provider request-policy-auth-source=sender

• List the provider properties: ../bin/wadm get-soap-auth-provider-prop --port=8989 --user=admin --password-file=/tmp/admin.passwd --config=test --provider=msgsecurity-provider

  For more information about wadm commands and properties, see Sun Java System Web Server 7.0 Administrator’s Configuration File Reference