Configuring WS Security Using X.509 Token in IBM Integration Bus / Blogs / Perficient

Introduction :

Web Service Security can be implemented in IBM Integration Bus (hereafter called IIB) application using any of the following token types:

Username
Username and Password
SAML assertion
Kerberos Ticket
LTPA Certificate
X.509 Certificate

This blog provides how to configure Policy Sets and Policy Set bindings for implementing WS-Security in IIB message flow using X.509 Certificate identity in IIB as a Consumer.

Overview on X.509 Certificate :

An X.509 certificate specifies a binding between a public key and a set of attributes that includes subject name, issuer name, serial number and validity interval.

An X.509 certificate may be used

to validate a public key that may be used to authenticate a SOAP message.
to identify the public key with SOAP message that has been encrypted.

Configuring Keystore/Truststore :

Broker’s keystore and truststore must be configured to hold the trusted certificate.
For configuring Keystore and Truststore refer Viewing and setting keystore and truststore runtime properties at broker level, or Viewing and setting keystore and truststore runtime properties at integration server level.

To Set up Policy Set:

The following steps to be carried out for creating a policy set :

Figure 1 : Open Policy Sets

Figure 2 : Add Policy Set

Revolutionize Your Business With Generative AI

From product design and software development to virtual agents, content creation, and reporting, GenAI is transforming business. Our AI experts help you unlock GenAI’s full potential and drive growth.

Let’s Get Started

Figure 3 : Rename Policy Set

Figure 4 : Add X.509 Authentication Token

Figure 5 : Select Message Level Protection

Figure 6 : Add Token

Figure 7 : Set Algorithm

Figure 8 : Add Message Part Protection

Figure 9 : Aliases

Figure 10 : Qname

Figure 11 : Setting Xpath

Figure 12 : Add Policy Set Binding

Figure 13 : Associate Policy Set Binding with Policy Set

Figure 14 : Add Authentication Token

Figure 15 : Set Message Part Policy

Figure 16 : Set Key Information

Figure 17 : Save the Configuration

Figure 18 : Create the Message Flow

Figure 19 : Associate Policy Set and Policy Set Binding with Message flow

Thoughts on “Configuring WS Security Using X.509 Token in IBM Integration Bus”

janardhan raju September 12, 2018 at 10:41 am

Very useful information. Keep up the great work. Thanks you.

– Janardhan from Freshersnow.com
Junaid December 10, 2019 at 12:33 am

Hi Can you kindly upload article/tutorial for webservice Provider(SOAPInput)
Jhansi July 4, 2024 at 11:56 pm

Please provide the brief explanation about ws security by using username token and how will generate the token and keystore