Response consumer binding settings
WS-Security binding for consumption of responses from outbound target.
To view this page in the console, click the following path:
Service integration -> Web services -> WS-Security bindings -> response-consumer-binding_name.
We can configure the service integration bus for secure transmission of SOAP messages using tokens, keys, signatures and encryption in accordance with the Web Services Security (WS-Security) 1.0 specification.
We use WS-Security bindings to secure the SOAP messages that pass between service requesters (clients) and inbound services, and between outbound services and target web services. Bindings provide the information that the run-time environment needs to implement the WS-Security configuration (for example "To sign the body, use this key"),
Bindings are administered independently from any web service that uses them, so we can create a binding then apply it to many web services.
We use a response consumer with an outbound configuration. A response consumer binding consumes the responses from a target web service to an outbound service.
Configuration tab
The Configuration tab shows configuration properties for this object. These property values are preserved even if the runtime environment is stopped then restarted.
General Properties
WS-Security version
Identifies the version of the WS-Security specification this configuration uses.
Information Value Required No Data type String
Binding Type
The type of binding. This is one of request consumer, request generator, response consumer and response generator.
Information Value Required No Data type String
Name
The name of the binding.
This name must be unique, and it must obey the following syntax rules:
- It must not start with "." (a period).
- It must not start or end with a space.
- It must not contain any of the following characters: \ /, # $ @ : ; " * ? < > | = + & % '
Information Value Required Yes Data type String
Use defaults
Specifies whether to use the default binding information. When this option is enabled, Web Services Security uses the default binding information instead of the custom binding information that is defined here.
Information Value Required No Data type Boolean
Additional Properties
- Signing information
- Configuration for the signing parameters. We also can use these parameters for X.509 certificate validation when the authentication method is IDAssertion and the ID type is X509Certificate in the server-level configuration. In such cases, only fill in the Certificate path field.
- Encryption information
- Configuration for the XML encryption and decryption parameters. If the data and key encryption algorithms are specified, the application server only accepts elements that are encrypted with those algorithms.
- Token consumers
- Parameters for the token consumer. The information is used only on the consumer side to process the security token. Because we can plug in a custom token consumer, specify a Java class name.
- Key information
- Related configuration needed to generate the key for XML digital signature or XML encryption.
- Key locators
- List of key locator configurations that retrieve the key for signature and encryption. We can customize a key locator class to retrieve keys from other types of repositories. The default implementation retrieves keys from a keystore.
- Collection certificate store
- List of untrusted, intermediate certificate files. This collection certificate store is used for certificate path validation of incoming X.509-formatted security tokens. The root-trusted certificates are specified in the Trust anchors panel.
- Trust anchors
- List of keystore configurations that contain root-trusted certificates. These configurations are used for certificate path validation of the incoming X.509-formatted security tokens. We must create the keystore using the key tool utility. Do not use the key management utility because it does not create a keystore with the expected format.
- Properties
- Specifies additional properties for the configuration.