+

Search Tips   |   Advanced Search

Signed part settings

Use this page to define the elements of a signed part. Signed parts are used to protect message integrity and, in this case, the signed parts are being defined as part of the policy set process.

To view this administrative console page:

  1. Click Services > Policy sets > Application policy sets > policy_set_name.

  2. Click the WS-Security policy in the Policies table.

  3. Click either the Main policy link or the Bootstrap policy link.

  4. Click the Request message part protection link or the Response message part protection link in the Message Part Protection section.

  5. In the Integrity protection section, complete one of the following actions:

    • Click Add to add a new signed part.

    • Select an existing signed part and click Edit.


Name of part to be signed

Name of this set of one of more message parts that we have selected to sign. The name we choose is a label and must be unique within the Response message part protection or Request message part protection collections for this WS-Security policy.


Elements in part

List of the message elements included in the signed part. The Elements in part field contains a listing of message elements included in this signed part to provide message integrity.

Click Add to add an element to the signed part of the message. To remove a message element from a signed part of a message, first click the selection box next to the element to be removed, then click Remove. Use the OK, Apply, Reset or Cancel buttons for the text entry fields. The QName or the Xpath expression value is required and can be edited at any time, such as when adding a new element, or after the element is added.


Protect message body

Specifies if the message body is protected in this part. To protect the message body in this part, click Protect message body.


XPath expression

Specifies if the displayed XPath expression is used as the method for specifying that a specific element is included in this part.

Select XPath from the Add menu list and provide an expression in the new XPath entry displayed in the table. Any Xpath expression row on the table with no corresponding value is removed when you click OK or Apply.


QName for SOAP header elements only

The Qname type for a namespace value for the SOAP header element to encrypt. To encrypt a SOAP header element, select Qname and provide the namespace and optionally the localname of the SOAP header element in the Value field. When specifying the Qname, if using the optional localname, a comma must be inserted between the namespace and the localname, for example namespace,localname. If the localname is omitted, all SOAP header elements with the specified namespace are encrypted. To use the Qname selection method, the SOAP header elements must be the immediate children of the SOAP header. Any Qname row in the table with no corresponding value is removed when you click OK or Apply.

Restriction: We cannot select header elements that are sub-elements of other elements in the SOAP header using Qname. In this case, we must use an Xpath expression to select these header elements.

  • Configure the WS-Security policy
  • Manage policy sets
  • Main policy and bootstrap policy settings
  • Application policy sets collection
  • Application policy set settings
  • Encrypted message part settings