Symmetric signature and encryption policies settings
To create the trust context to use symmetric tokens. Using the same token for signing and validating messages and encrypting and decrypting messages increases performance. Use symmetric tokens within a trust context. following options:
- Click Services > Policy sets > Application policy sets.
- Select a policy_set_name in the policy sets table that contains WS-Security content.
- Click WS-Security in the policies table.
- Click the Main policy link or the Bootstrap policy link.
- Click the Symmetric signature and encryption policies link.
- Message Integrity – Token type for signing and validating messages
Current token type used for signing and validating messages.
To change the current token type that is displayed in the Token type for signing and validating messages field or to edit the displayed token type, click Action.
- Message Confidentiality – Use same token type for confidentiality used for integrity
Whether the token type set for signing and validating messages is also used for encrypting and decrypting messages. For a Kerberos token, message confidentiality uses the same token used for the message integrity.
If we select this check box, then the Token type for encrypting and decrypting messages field is blank. If we clear this check box, then a different token can be used for message confidentiality.
- Message Confidentiality – Token type for encrypting and decrypting messages
Current token type used for encrypting and decrypting messages.
To change the current token type that is displayed in the Token type for encrypting and decrypting messages field or to edit the displayed token type, verify that the Use the same token type for confidentiality used for integrity protection check box is cleared, and click Action.
- Action
Enables the token type selected to be changed or edited.
The Action button lists supported token types and provides the following options:
When you change the token type, any values specified for the former token type are lost, and the default values for the newly assigned token type are used.
- Edit selected type policy
- Opens a page to edit the token type for signing or encrypting fields.
- Change to Secure Conversation
- Changes the token type to Secure Conversation.
- Change to custom type
- Opens the custom type page to specify the Uniform Resource Identifier (URI) for a custom token type.
Related tasks
Set the WS-Security policy
Manage policy sets
Related
Token type settings
Application policy sets collection
Application policy set settings
Asymmetric signature and encryption policies settings
Main policy and bootstrap policy settings