Sun Microsystems 820433510 Configuring Other Security Facilities, Configuring a JCE Provider

Configuring the Enterprise Server for Message Security

TABLE 10–1Message protection policy to WS-Security SOAP message security operation mapping

(Continued)

Configuring Other Security Facilities

The Enterprise Server implements message security using message security providers integrated in its SOAP processing layer. The message security providers depend on other security facilities of Enterprise Server.

1.If using a version of the Java SDK prior to version 1.5.0, and using encryption technology, configure a JCE provider.

2.Configuring a JCE provider is discussed in “Configuring a JCE Provider” on page 135.

3.If using a username token, configure a user database, if necessary. When using a username/password token, an appropriate realm must be configured and an appropriate user database must be configured for the realm.

4.Manage certificates and private keys, if necessary.

After You Finish

Once the facilities of the Enterprise Server are configured for use by message security providers, then the providers installed with the Enterprise Server may be enabled as described in “Enabling Providers for Message Security” on page 137.

Configuring a JCE Provider

The Java Cryptography Extension (JCE) provider included with J2SE 1.4.x does not support RSA encryption. Because the XML Encryption defined by WS-Security is typically based on RSA encryption, in order to use WS-Security to encrypt SOAP messages you must download and install a JCE provider that supports RSA encryption.

Note – RSA is public-key encryption technology developed by RSA Data Security, Inc. The acronym stands for Rivest, Shamir, and Adelman, the inventors of the technology.