Securing JAX-RPC web services using message-level security
Standards and profiles address how to provide protection for messages that are exchanged in a web service environment.
Before you begin
About this task
To secure web services with WebSphere Application Server, you must specify several different configurations. Although there is not a specific sequence in which you must specify these different configurations, some configurations reference other configurations. See Web Services Security configuration considerations.
Web service security is supported in the managed web service container. To establish a managed environment and to enforce constraints for Web Services Security, you must perform a Java Naming and Directory Interface (JNDI) lookup on the client to resolve the service reference.
Because of the relationship between the different Web Services Security configurations, it is recommended that you specify the configurations on each level of the configuration in the following order. You can choose to configure Web Services Security for the application level, the server level or the cell level as it depends upon your environment and security needs.