WSDL security editor reference

With the WSDL security editor you can create and edit security configurations for a WSDL file.


Keystores

In this page, you can edit the keystores that are used for the WSDL file. The keystore contains the public and private keys required for the specified security protocol.

Defined Keystores

Click Add or Remove to add or remove keystore files from the workbench.

Keystore Details

Location and file name of the selected keystore. Click Browse to select a different file.

Name

Name of the keystore. This name is used throughout the test instead of the file name.

File

Click Browse to specify a keystore file containing a valid server certificate. The following formats are supported:

  • KS
  • JKS
  • JCEKS
  • PKCS12 (p12 or PFX)
  • PEM

Password

If the keystore file is encrypted, set the required password.


Security Stacks

In this page, you can edit the security algorithm stacks that the security protocol uses. A security stack is a set of algorithms that are executed in a given order.

Security Stacks

Click Add, Remove, or Rename to add, remove, or rename the security stacks that are associated with the WSDL file.

Security Algorithm Details

Click Add, Insert, or Remove to add or remove security algorithms in the stack. Click Up and Down to change the order of a selected algorithm in the security stack. The following security algorithms can be added to the security stack:

Time Stamp

The time stamp security algorithm adds time stamp information to the XML document in the response. For details on security algorithms, refer to the web service security specification.

Actor / Role name

Specify the name of the recipient of the algorithm header element, if required.

Must understand

Select whether it is mandatory that the algorithm header is processed by the recipient, if required. The recipient is either the Actor name or the server.

Expiration delay

Specify the delay after which the time stamp expires.

Millisecond precision

Select this option to produce a time stamp that uses millisecond precision instead of the default (1/100th second).

User name token

The user name token security algorithm adds a user name token to the XML document in the message. For details on security algorithms, refer to the web service security specification.

Actor / Role name

Specify the name of the recipient of the algorithm header element, if required.

Must understand

Select whether it is mandatory that the algorithm header is processed by the recipient, if required. The recipient is either the Actor name or the server.

Name

Type the name of the user.

Password

Type the password of the user.

Password type

Specify the password type for the security algorithm as defined in the Web Services Security UsernameToken profile.
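The following is an added example, not part of the product or of this reference. It shows the header content that the Time Stamp and User name token algorithms describe when the password type is PasswordDigest, together with the check a receiver performs. The function names, the sample credentials, and the 16-byte nonce length are assumptions made for illustration.

```python
import base64, hashlib, hmac, os
from datetime import datetime, timedelta, timezone
from xml.sax.saxutils import escape

# Namespace and Type URIs from the OASIS WS-Security 1.0 specifications.
OASIS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-"
WSSE = OASIS + "wssecurity-secext-1.0.xsd"
WSU = OASIS + "wssecurity-utility-1.0.xsd"
DIGEST_TYPE = OASIS + "username-token-profile-1.0#PasswordDigest"

def stamp(t, millis=False):
    """xsd:dateTime in UTC; 1/100 s by default, 1/1000 s when millis is set."""
    us = t.microsecond
    frac = "%03d" % (us // 1000) if millis else "%02d" % (us // 10000)
    return t.strftime("%Y-%m-%dT%H:%M:%S.") + frac + "Z"

def parse(ts):
    """Parse a value produced by stamp() back into an aware UTC datetime."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)

def password_digest(nonce, created, password):
    """UsernameToken profile: Base64(SHA-1(nonce + created + password))."""
    raw = nonce + created.encode() + password.encode()
    return base64.b64encode(hashlib.sha1(raw).digest()).decode()

def security_header(user, password, now, delay_s, millis=False, nonce=None):
    """Sender side: Timestamp plus a digest-type UsernameToken."""
    nonce = nonce or os.urandom(16)  # assumed nonce length
    created = stamp(now, millis)
    expires = stamp(now + timedelta(seconds=delay_s), millis)
    return (
        f'<wsse:Security xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}">'
        f"<wsu:Timestamp><wsu:Created>{created}</wsu:Created>"
        f"<wsu:Expires>{expires}</wsu:Expires></wsu:Timestamp>"
        f"<wsse:UsernameToken><wsse:Username>{escape(user)}</wsse:Username>"
        f'<wsse:Password Type="{DIGEST_TYPE}">'
        f"{password_digest(nonce, created, password)}</wsse:Password>"
        f"<wsse:Nonce>{base64.b64encode(nonce).decode()}</wsse:Nonce>"
        f"<wsu:Created>{created}</wsu:Created></wsse:UsernameToken>"
        "</wsse:Security>"
    )

def receiver_accepts(nonce_b64, created, expires, digest, password, now):
    """Receiver side: reject expired timestamps, then compare digests."""
    if now >= parse(expires):
        return False
    expected = password_digest(base64.b64decode(nonce_b64), created, password)
    return hmac.compare_digest(expected, digest)
```

A receiver that relies on the digest type should also remember nonces it has seen until the time stamp expires, so that a captured token cannot be replayed inside the expiration delay.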

XML Encryption

The XML encryption security algorithm specifies how the XML document is encrypted. For details on security algorithms, refer to the web service security specification.

Actor / Role name

Specify the name of the recipient of the algorithm header element, if required.

Must understand

Select whether it is mandatory that the algorithm header is processed by the recipient, if required. The recipient is either the Actor name or the server.

Identifier type

Select the type of key identifier to be used for the encryption. The following key identifiers are available, as defined in the Web Services Security (WSS) specification X509 profile and the OASIS WSS 1.1 specification:

  • ISSUER_SERIAL
  • BST_DIRECT_REFERENCE
  • X509_KEY_IDENTIFIER
  • SKI_KEY_IDENTIFIER
  • EMBEDDED_KEYNAME
  • THUMBPRINT_IDENTIFIER
  • ENCRYPTED_KEY_SHA1_IDENTIFIER

User XPath part selection

This enables you to specify an XPath query that describes parts of the XML document that can be subjects of the algorithm. By default, the body is the subject.

Key

Select the key used for the encryption. The details of each key vary.

  • x509 key: This specifies the name and password of the x509 key and the keystore where it is located.
  • Raw key: This specifies the name and the byte value of your SecretKey in hexadecimal.
  • Encrypted key: This specifies a reference to an encrypted key that was previously defined in the security stack. Click Insert a new encrypted key to create a new encrypted key definition block.

Encoding Algorithm Name

Specify the encryption method to be used as defined in the XML Encryption Syntax and Processing specification.

Key Encoding Algorithm

Specify the standard algorithm for encoding the key as defined in the XML Encryption Syntax and Processing specification.

XML Signature

The XML signature security algorithm specifies how the XML document is signed. For details on security algorithms, refer to the web service security specification.

Actor / Role name

Specify the name of the recipient of the algorithm header element, if required.

Must understand

Select whether it is mandatory that the algorithm header is processed by the recipient, if required. The recipient is either the Actor name or the server.

Security token

Select the type of key identifier to be used for the signature. The following key identifiers are available, as defined in the Web Service Security (WSS) specification X509 profile and OASIS WSS 1.1 specification:

  • ISSUER_SERIAL
  • BST_DIRECT_REFERENCE
  • X509_KEY_IDENTIFIER
  • SKI_KEY_IDENTIFIER
  • KEY_VALUE
  • USER_NAME_TOKEN
  • CUSTOM_SYMM_SIGNATURE

In addition, the following identifiers are available when the signature is based on a UsernameToken profile:

  • USER_NAME_TOKEN
  • CUSTOM_SYMM_SIGNATURE

User XPath part selection

Specify an XPath query that describes parts of the XML document that can be subjects of the algorithm. By default, the body is the subject. Click the XPath Helper button to build the XPath expression.

Key

Select the key used for the encryption. The details of each key vary.

  • x509 key: This specifies the name and password of the x509 key and the keystore where it is located.
  • User name token key: This specifies a user name and password for the signature.
  • Encrypted key: This specifies a reference to an encrypted key that was previously defined in the security stack. Click Insert a new encrypted key to create a new encrypted key definition block.

Signature algorithm name

Specify the signature method algorithm as described in the XML Signature Syntax and Processing specification.

Canonicalization

Specify the canonicalization method to be used as described in the XML Signature Syntax and Processing specification.

Inclusive namespaces

Specify whether the canonicalization is exclusive as described in the Exclusive XML Canonicalization specification.

Custom Security Algorithm

To use a Java™ class as a custom security algorithm, use this stack element to apply the custom algorithm to the service.

Java Project

If you have not implemented a custom Java class, select Java Project, type a name for the new project, and click Generate to create a new Java class with the default structure for custom security implementations.

If you are using IBM Rational AppScan, this field is not available.

Implementation class

Specify the name of the class that implements the custom security algorithm. Click Browse Class to select an existing Java class from the workspace.

Properties

Use this table to send any specific properties and associated values to the custom security algorithm.

