You can add or edit or modify the message protection policy. The provider type, implementation class, and provider-specific configuration properties should be modified.
Login to the Admin Console.
Select the configuration you want to modify and click Edit Configuration.
Click the Java tab.
Click the Authentication tab and scroll down to the SOAP Authentication.
Click New to add a provider.
Add the new provider information
In this page, following information is available for modification.
Only Name and class Name are required. If these two fields are not specified, no authentication is applied to request or response messages. All other values are optional.
Name: Identifier for this provider. You can use this identifier name to specify the default provider when using wadm.
Class Name: The Java implementation class of the provider. Server-side providers must implement the com.sun.enterprise.security.jauth.ServerAuthModule interface.
The request policy defines the authentication policy requirements associated with request processing performed by the authentication provider. Type the policies in message-sender order. For example, a requirement that encryption occur after content means that the message receiver expects to decrypt the message before validating the signature.
Request Authentication Source— Possible values are:
sender: Message-layer sender authentication, such as username and password
content: Content authentication, for example, digital signature
null: Source authentication of the request is not required
Click the Add Property button to add additional properties.
The provider shipped with the Web Server requires the server-config property. If other providers are used, refer to their documentation for more information on properties and valid values.
server.config: The directory and file name of an XML file that contains the server configuration information. This file is in the following location install_dir/samples/java/webapps/webservices/security/etc/wss-server-config-2.0.xml.
Click OK.
Create a message security provider msgsecurity-provider:../bin/wadm create-soap-auth-provider --port=8989 --user=admin --password-file=/tmp/admin.passwd --config=test --class=com.sun.xml.wss.provider.ServerSecurityAuthModule --request-policy-auth-source=content --request-policy-auth-recipient=before-content --request-policy-auth-recipient=before-content --request-policy-auth-recipient=before-content msgsecurity-provider
Add the required property server.config:../bin/wadm set-soap-auth-provider-prop --port=8989 --user=admin --password-file=/tmp/admin.passwd --config=test --provider=msgsecurity-provider request-policy-auth-source=sender
List the provider properties: ../bin/wadm get-soap-auth-provider-prop --port=8989 --user=admin --password-file=/tmp/admin.passwd --config=test --provider=msgsecurity-provider
For more information about wadm commands and properties, see Sun Java System Web Server 7.0 Update 4 Administrator’s Configuration File Reference