MQSeries.net :: View topic

KIT_INC · Posted: Wed Sep 26, 2007 11:53 am Post subject: Web Service security

I am using WMB V6 on Winodws. We just initiated a project to use Web Services over http/s to our head office. Our WMB will act as a Web Service client requesting for service. I am new to this and need some assistance on estimate the effort to do this. I do not have all the detail yet. I have read the MB info center regarding the set up of WMB to do http/s. I have also look at the sample to create the SOAP request message. It seems quite straight forward. The only thing that I cannot see in the WMB Info center is regarding the use of security token in the SOAP header. I do not have all the info from our head office yet. But , at a high level, I was told that I need to pass a security token (a certificate) given to us by the head quarter in the SOAP header. I am new to this. Please correct me if I am wrong. I can easily create the soap header to contain the tag which is suppose to contain the security token. But I think the certificate is binary. Do I just insert the binary data inside the xml tags ? or I need to some how extract the certificate and change it into character format ?
My other question is
Where do people normally store the certicate ? My experience with MQ SSL is certificates are stored in special key stores.
How can I code esql to extract the certificate and put it into the soap header.
Please execuse my ignorance if what I ask here is totally wrong, please point me to a place where I can get a description on how this should work.