Configuring the username and password for WS-Security Username or LTPA token authentication

When using the Username WSSecurity default policy set, you must configure the username and password for username token authentication separately from the security settings defined in the bindings.

About this task

When you install a JAX-WS application and attach the default Username WSSecurity default policy set, the next step is to configure the general provider sample binding for the JAX-WS provider, and the general client sample binding for the JAX-WS client. However, the binding file for the default client sample binding does not include a username or password for token authentication. Since the username and password is not available from the target deployed system, you must specify a valid username and password in your environment using the administrative console.

Procedure

  1. Log in to the administrative console, then click Services > Policy sets > General client policy set bindings.
  2. Click Client sample to edit the binding.
  3. Click WS-Security.
    Add basic authentication information, such as username and password, to the general client sample bindings for any policy set that uses a Username token or LTPA token, including:
    • Username SecureConversation
    • Username WS-I RSP
    • LTPA SecureConversation
    • LTPA WS-I RSP
    • LTPA WSSecurity default
  4. Click Authentication and protection.
  5. In the Authentication tokens table, click gen_signunametoken to edit the username token settings.
  6. Click Callback handler in the Additional Bindings section.
  7. Enter the appropriate username and password information for your environment in the User name and Password fields.
  8. Enter the password a second time in the Confirm Password field, then click Apply.
  9. Repeat steps 5 through 8 for the gen_signltpatoken LTPA token generator.

Results

Note: This administrative console panel applies only to Java™ API for XML Web Services (JAX-WS) web services.