Configuring security for a WS-MetadataExchange request
You can configure message-level security for a Web Services Metadata Exchange (WS-MetadataExchange) GetMetadata request by specifying a suitable policy set and binding. You do this when you configure a web service provider to share its policies or a web service client to obtain the policies of a service provider.
Before you begin
For a service client, you have completed the procedure to configure the client policy to use a service provider policy, up to and including the step to use WS-MetadataExchange.
About this task
You can configure security for a WS-MetadataExchange request by using the administrative console. You can also configure security for a WS-MetadataExchange request by using wsadmin commands.
Procedure
- For a service provider, in the Policy Sharing panel on the administrative console, select Attach a system policy set to the WS-MetadataExchange. For a service client, in the Policies Applied panel on the administrative console, select Attach a system policy set to the WS-MetadataExchange.
- Select a system policy set to provide message-level security
from the Policy set list. You can select from system policy sets that contain only WS-Security policies, only WS-Addressing policies, or both. The default policy set is SystemWSSecurityDefault. If the policy sets that are listed are not suitable for your requirements, create your own system policy set, then return to this procedure.
- Select a general binding for the policy set attachment
from the Binding list. You can select from general bindings that are
scoped to the global domain, or the security domain of this service.
If the bindings that are listed are not suitable for your requirements, create your own general binding, then return to this procedure.
- Click OK.
- Save your changes to the master configuration.