en.help.task-enablemesec4appclients.html Maven / Gradle / Ivy
To Enable Message Security for Application Clients
Client providers must have the same message protection policies as the server-side providers
with which they interact. This is already the case for the providers configured
(but not enabled) when GlassFish Server is installed.
To enable message security for application clients, modify the GlassFish Server specific configuration
for the application client container.
- Stop any client applications that depend on the client container descriptor.
- In a text editor, open the Sun application client container descriptor, located in
domain-dir/config/sun-acc.xml.
- To enable the default client provider in the application client, add the default-client-provider
attribute to the element to the message-security-config element .
The surrounding code is shown for context and may differ slightly in your
installation. Do not change it.
<client-container>
<target-server name="your-host" address="your-host"
port="your-port"/>
<log-service file="" level="WARNING"/>
<message-security-config auth-layer="SOAP"
default-client-provider="ClientProvider">
<provider-config
class-name="com.sun.enterprise.security.jauth.ClientAuthModule"
provider-id="ClientProvider" provider-type="client">
<request-policy auth-source="sender"/>
<response-policy/>
<property name="security.config"
value="C:/Sun/AppServer/lib/appclient/wss-client-config.xml"/>
</provider-config>
</message-security-config>
</client-container>The message security provider configured in the client container must have access to
private keys and trusted certificates. To provide it access, set the values for
the following system properties in the application client startup script:
-Djavax.net.ssl.keyStore
-Djavax.net.ssl.trustStore
See Also