All of the steps in To Secure the Service need to be completed before you create your web service client. The service’s security policies are defined in its WSDL. You specify this WSDL file when you create the client application so that the client is configured to work with the service’s security mechanism through the web service reference URL when the client is built or refreshed.
To use the IDE to configure security for a web service client, perform the following steps.
Create a client for your web service.
If you need an example of how to do this, see Creating a Client to Consume a WSIT-Enabled Web Service.
If you are creating a client for a mechanism that will use SSL, specify the secure port for running the client when completing the New Web Service Client step. To do this, type https:// fully_qualified_hostname:8181/rest_of_url in the WSDL URL field of the New Web Service Client wizard. For the example, this is the way to specify the secure URL for CalculatorWS web service:
If you prefer to use localhost in place of the fully-qualified hostname when specifying the URL for the service WSDL, you must follow the workaround described in Transport Security (SSL) Workaround.
In the Projects window, expand the client node.
Expand the Web Service References node.
Right-click the node for the web service reference you want to secure.
When the Web Service References Attributes Editor is opened, select the WSIT tab to display the WSIT options (see Figure 7–2).
Refer to Table 7–2 for a summary of what options are required on the client side. The configuration requirements for the client are dependent upon which security mechanism is specified on the server side.
Click OK to save your changes.
The WSIT configuration information is saved in two files under Source Packages->META-INF.
To view the WSIT configuration files, in the tree, drill down from the project to Source Packages->META-INF. Double-click on serviceService.xml or wsit-client.xml to view the contents. The full contents of example client WSIT configuration files can be viewed at Client-Side WSIT Configuration Files.