To enable message security for web services endpoints deployed in Application Server, you must specify a provider to be used by default on the server side. If you enable a default provider for message security, you also need to enable providers to be used by clients of the web services deployed in Application Server. Information for enabling the providers used by clients is discussed in To enable message security for application clients.
To enable message security for web service invocations originating from deployed endpoints, you must specify a default client provider. If you enabled a default client provider for Application Server, you must ensure that any services invoked from endpoints deployed in Application Server are compatibly configured for message layer security.
By default, the Message Security tab is selected.
The default client provider identifies the client provider invoked for an application that does not identify a specific client provider. The default server provider identifies the server provider invoked an application that does not identify a specific server provider. The default server provider is sometimes referred to as the default provider.
Default Provider: By default, no provider configuration is selected. To identify a server-side provider, select ServerProvider. Not selecting an option means that by default Application Server will not invoke a message security provider on the server side.
Generally select ServerProvider for this field.
Default Client Provider: By default, no provider configuration is selected. To identify a client-side provider, select ClientProvider. Not selecting an option means that by default Application Server will not invoke a message security provider on the client side.
Generally select null for this field. Select ClientProvider to enable a default provider and message protection policy to apply to the web services invocations originating from web services endpoints deployed on Application Server.
To specify the default server provider:
asadmin set --user admin-user --port admin-port server-config.security-service.message-security-config.SOAP. default_provider=ServerProvider
To specify the default client provider:
asadmin set --user admin-user --port admin-port server-config.security-service.message-security-config.SOAP. default_client_provider=ClientProvider