+

Search Tips   |   Advanced Search


Create a SOAP security profile for a WSDL

You can create SOAP security profiles for use with Web service calls or message returns that require message encryption, signature or other advanced security algorithms.

Before creating a security configuration, have a Web Services Description Language (WSDL) file in workspace.

If the Web service uses digital certificates for encrypting or signing calls or message returns, have the corresponding Java™ key store (JKS) key store files in workspace. To create a SOAP security configuration:

  1. In the test navigator or project explorer, right-click the WSDL file and select Configure WSDL Security. This opens the WSDL security editor.

  2. If the security configuration requires digital certificates, click the Key Stores tab.

    1. Click Add, and select a JKS file from the workspace.

    2. Type a Name for the new key store.

    3. Type a password to access the JKS file, if required.

  3. Click the Security Algorithms tab. Algorithms are described by adding elements to a stack. When the algorithm is executed, each element in the stack is executed in the specified order.

  4. In the Security Algorithms area, click Add to create a new algorithm stack, and click Rename to change the default name.

  5. In the Algorithm Stack Details area, click Add to add a new algorithm element to the stack. You can add time stamps, user-name tokens, encryption, or signatures.

  6. Edit each element in the stack according to the requirements of the Web service.

    Encryption and signature stack elements can be applied to portions of the Web service call or message return document by specifying an Xpath query in User Xpath part selection. For example, you can encrypt one XML element with one encryption stack element, and another element with another stack element. You can use the Web Service Protocol Data view to help identify the correct Xpath query for this option.

  7. When all the stack elements are complete, verify execution order is correct. If necessary, use the Up and Down buttons to change the order of elements in the stack.

  8. Repeat steps 4 through 7 to create as many algorithms as are required for the Web service.

  9. Click the Algorithms by WSDL Operations tab. This page enables you to associate an algorithm with each Web service call and message return.

  10. In the WSDL Contents column, select a Web service call or message return.

  11. In the Algorithm Stack column, select an algorithm from the list. If necessary, click << to open the stack on the Security Algorithms page.


What to do next

After saving the security configuration, the Web Service Protocol Data view displays the effect of the security algorithm on the XML data of the Web service.


Related

  • Web service security editor overview


    Related tasks

  • Implement a custom security algorithm
  • Add WS-Addressing to a security configuration