Domains: Web Service Security: Table
Configuration Options Related Tasks Related Topics
This page lists the Web service security configurations that have been created for this domain. Click on the security configuration name to update it, such as create new credential providers, new token handlers, or configure the timestamp properties.
When a deployed WebLogic Web service has been configured to use message-level security (encryption and digital signatures, as described by the WS-Security specification), the Web services runtime determines whether a Web service security configuration is also associated with the service. This security configuration specifies information such as whether to use an X.509 certificate for identity, whether to use password digests, the keystore to be used for encryption, and so on.
WebLogic Web services are not required to be associated with a security configuration; if the default behavior of the Web services security runtime is adequate then no additional configuration is needed. If, however, a Web service requires different behavior from the default (such as using an X.509 certificate for identity, rather than the default username/password token), then the Web service must be associated with a security configuration.
@weblogic.jws.security.WssConfigurationJWS annotation in the JWS file that implements the Web service specifies the name of the security configuration that is associated with a Web service. If the Web service does not include this annotation, then it is associated with the default security configuration, called
Name Description Web Service Security Configuration Name
The name of the Web Service security configuration.
- Create a Web service security configuration
- Specify the key pair used to sign SOAP messages
- Specify the key pair used to encrypt SOAP messages
- Use a password digest in SOAP messages
- Use X.509 certificates to establish identity