+

Search Tips   |   Advanced Search

Set generator signing information to protect message integrity using the WSS APIs


Configure the signing information to protect message integrity for the request (client side) generator binding. Signing information includes the signature and the signed parts. To keep the integrity of the message, digital signatures are typically applied.

In addition to using a digital signature and configuring the signing information, the following tasks should also be performed:

Integrity refers to digital signature while confidentiality refers to encryption. Integrity is provided by applying a digital signature to a SOAP message. To configure the signing information to protect message integrity, first digitally sign and then verify the signature for the SOAP messages. Integrity decreases the risk of data modification when you transmit data across a network.

Also, message integrity is provided by digitally signing the body, time stamp, and WS-Addressing headers using the signature algorithm methods. The WSS APIs specify which algorithm is to be used to sign the certificate. The signature algorithms specify the Uniform Resource Identifiers (URI) of the signature method. WAS supports several pre-configured request signing algorithm methods. Use the following interfaces to configure WS-Security and to protect SOAP message integrity:

Perform the following signing tasks, using the WSS APIs, to configure the signing information and to protect message integrity for the generator binding.

 

 

Results

The WSS APIs also specify the security token for the generator (client) binding and set the type of token reference to protect message authenticity. By completing the steps in these tasks, we have configured generator signing to protect the integrity of the SOAP message.

 

Next steps

Next, verify the consumer signing information by using the WSS APIs or by configuring policy sets using the admin console.


Set the signing information using the WSS APIs
Set the signature information using the WSSSignature API
Add signed parts using the WSSSignPart API
Set the client for request signing methods
Digital signing methods using the WSSSignature API
Signed parts methods using the WSSSignPart API

 

Related tasks


Verifying consumer signing information to protect message integrity using WSS APIs
Secure messages at the request generator using WSS APIs

 

Related


Symmetric signature and encryption policies settings