The Application Server implements message security using message security providers integrated in its SOAP processing layer. The message security providers depend on other security facilities of Application Server.
If using a version of the Java SDK prior to version 1.5.0, and using encryption technology, configure a JCE provider.
Configuring a JCE provider is discussed in To configure a JCE Provider.
If using a username token, configure a user database, if necessary. When using a username/password token, an appropriate realm must be configured and an appropriate user database must be configured for the realm.
Configuring a user database is discussed in Editing a Realm.
Manage certificates and private keys, if necessary.
Managing certificates and private keys is discussed in About Certificate Files.
Once the facilities of the Application Server are configured for use by message security providers, then the providers installed with the Application Server may be enabled as described in To enable providers for message security.