Before you begin
You must first create the Web Service security configuration that is associated with a Web Service before you can configure specific features.
See Create a Web Service security configuration for details about creating a security configuration.
The Default Identity Asserter of WebLogic Server is configured, by default, to use username/password tokens for authentication, and is not configured to accept X.509 certificates. Client applications that invoke a Web Service use the Default Identity Asserter for authentication, by default.
However, a programmer can specify (using security assertions in the WS-Policy file associated with a Web Service) that a client application invoking the service should use X.509 certificates as tokens to establish identity. To enable this functionality, you must configure the Web Service security configuration associated with the service, as well as configure the Default Identity Asserter.
Web Services programmers associate a Web Service security
configuration using the @WssConfiguration
JWS
annotation; the value
attribute specifies the
associated configuration name. If the programmer does not specify
the value
attribute, the Web Service is associated
with the default security configuration:
default_wss
.
weblogic.xml.crypto.wss.BinarySecurityTokenHandler
.x509
.UseX509ForIdentity
.true
.myrealm
security
realm, displayed in the Realms table.
DefaultIdentityAsserter
in the
Authentication Providers table.
X.509
from the Available to the Chosen box.
After you finish
You must redeploy any Web Service which is associated with this security configuration for the security changes to take effect.