Sun Java System Application Server Enterprise Edition 8.2 Developer's Guide

Configuring Message Protection For a Specific Method Based on Digital Signatures

To enable message protection for a specific method, or for a set of methods that can be identified using a wildcard value, follow these steps. As in the example discussed in Using a Signature to Enable Message Protection for All Methods, to enable message protection for a specific method, update the message-security-binding element for the EJB web service endpoint in the application’s sun-ejb-jar.xml file. To this file, add request-protection and response-protection elements, which are analogous to the request-policy and response-policy elements discussed in the Configuring Message Security chapter of the Sun Java System Application Server Enterprise Edition 8.2 Administration Guide. The Administration Guide includes a table listing the set and order of security operations for different request and response policy configurations.

This section uses the sample application discussed in Understanding and Running the Example Application to apply application-level message security in order to show only the differences necessary for protecting web services using various mechanisms.

ProcedureTo enable message protection for a particular method or set of methods using digital signature

  1. In a text editor, open the application’s sun-ejb-jar.xml file.

    For the xms example, this file is located in the directory install-dir/samples/webservices/security/ejb/apps/xms/xms-ejb/src/conf.

  2. Modify the sun-ejb-jar.xml file by adding the message-security-binding element as shown:

    <sun-ejb-jar>
      <enterprise-beans>
      <unique-id>1</unique-id>
        <ejb>
          <ejb-name>HelloWorld</ejb-name>
          <jndi-name>HelloWorld</jndi-name>
          <webservice-endpoint>
            <port-component-name>HelloIF</port-component-name>
            <endpoint-address-uri>service/HelloWorld</endpoint-address-uri>
            <message-security-binding auth-layer="SOAP">
              <message-security>
                <message>
                  <java-method>
                    <method-name>ejbCreate</method-name>
                  </java-method>
                </message>
                <message>
                  <java-method>
                    <method-name>sayHello</method-name>
                  </java-method>
                </message>
                <request-protection auth-source="content" />
                <response-protection auth-source="content"/>
              </message-security>
            </message-security-binding>
          </webservice-endpoint>
        </ejb>
      </enterprise-beans>
    </sun-ejb-jar>
  3. Compile, deploy, and run the application as described in To Run the Sample Application.