ebXML Module 7.1 SP1 | Understanding and Using webMethods EBXML Module | Installing and Using ebxml Module | ebXML Module Security Features | Configuring XML Signature Support
 
Configuring XML Signature Support
To configure XML signature support, set the appropriate TPA parameter to enable or disable the XML signature/verification for outbound and inbound messages.
*To configure the ebXML Module for XML signature support
1. Start the Trading Networks Console.
2. Open the agreement for edit:
a. From the Trading Networks Console, select View > Agreements.
b. Select the agreement you would like to edit. ClickEdit.
The Agreements Details screen appears.
c. On the right side of the Agreement Details screen, click Set Inputs.
The input for com.wm.estd.ebxml.documents appears.
Note:
You can edit the TPA parameters in an agreement only if the Agreement Status is Proposed. For information about changing the TPA agreement status, see the webMethods Trading Networks Administrator’s Guide for your release.
3. Modify the default TPA parameters, as necessary. For a list of the TPA parameters and the valid values for individual parameters, see Trading Partner Agreement Parameters Version 2. 0 and Trading Partner Agreement Parameters Version 2. 0.
4. Enable XML signature for outbound and inbound messages, as follows:
*For ebXML Message Service Version 1.0 Specification messages, set the following TPA parameter as shown below:
Parameter
Description
CollaborationProtocolAgreement.PartyInfo.DeliveryChannel.Characteristics:nonrepudiationOfOrigin
Set the value to true to enable the XML signature/verification for outbound and inbound ebXML Message Service Version 1.0 Specification messages, else set the value to false.
*For ebXML Message Service Version 2.0 Specification, set the following TPA parameter as shown below:
Parameter
Description
CollaborationProtocolAgreement.PartyInfo.CollaborationRole.ServiceBinding.CanSend.ThisPartyActionBinding.BusinessTransactionCharacteristics:isNonRepudiationRequired
Set the value to true to enable the XML signature/verification for outbound and inbound ebXML Message Service Version 2.0 Specification messages, else set the value to false.
5. Set the appropriate TPA parameters for XML signature support, as follows:
*For ebXML Message Service Version 1.0 Specification messages, set the following TPA parameters as shown below:
Parameter
Description
CollaborationProtocolAgreement.PartyInfo.DeliveryChannel.Characteristics:nonrepudiationOfOrigin
Set the value to true if XML signature support is required, else set the value to false.
CollaborationProtocolAgreement.PartyInfo.DocExchange.ebXMLBinding.NonRepudiation.Protocol:body
Set the value to http://www.w3.org/2000/09/xmldsig# only if the CollaborationProtocolAgreement.PartyInfo.DeliveryChannel.Characteristics.nonrepudiationOfOrigin parameter is set to true.
CollaborationProtocolAgreement.PartyInfo.DocExchange.ebXMLBinding.NonRepudiation:HashFunction
Set the value to http://www.w3.org/2000/09/xmldsig#sha1only if the CollaborationProtocolAgreement.PartyInfo.DeliveryChannel.Characteristics.nonrepudiationOfOrigin parameter is set to true.
CollaborationProtocolAgreement.PartyInfo.DocExchange.ebXMLBinding.NonRepudiation:SignatureAlgorithm
Set the value to http://www.w3.org/2000/09/xmldsig#rsa-sha1or http://www.w3.org/2000/09/xmldsig#dsa-sha1only if the CollaborationProtocolAgreement.PartyInfo.DeliveryChannel.Characteristics.nonrepudiationOfOrigin parameter is set to true.
Note:
rsa-sha1 and dsa-sha1 are the allowed signature algorithms.
*For ebXML Message Service Version 2.0 Specification, set the following TPA parameters as shown below:
Parameter
Description
CollaborationProtocolAgreement.PartyInfo.CollaborationRole.ServiceBinding.CanSend.ThisPartyActionBinding.BusinessTransactionCharacteristics:isNonRepudiationRequired
Set the value to true if XML signature support is required, else set the value to false.
CollaborationProtocolAgreement.PartyInfo.DocExchange.ebXMLSenderBinding.SenderNonRepudiation:NonRepudiationProtocol
Set the value to http://www.w3.org/2000/09/xmldsig# only if the CollaborationProtocolAgreement.PartyInfo.CollaborationRole.ServiceBinding.CanSend.ThisPartyActionBinding.BusinessTransactionCharacteristics:isNonRepudiationRequired parameter is set to true.
CollaborationProtocolAgreement.PartyInfo.DocExchange.ebXMLSenderBinding.SenderNonRepudiation:HashFunction
Set the value to http://www.w3.org/2000/09/xmldsig#sha1only if the CollaborationProtocolAgreement.PartyInfo.CollaborationRole.ServiceBinding.CanSend.ThisPartyActionBinding.BusinessTransactionCharacteristics:isNonRepudiationRequired parameter is set to true.
CollaborationProtocolAgreement.PartyInfo.DocExchange.ebXMLSenderBinding.SenderNonRepudiation:SignatureAlgorithm
Set the value to http://www.w3.org/2000/09/xmldsig#rsa-sha1or http://www.w3.org/2000/09/xmldsig#dsa-sha1only if the CollaborationProtocolAgreement.PartyInfo.CollaborationRole.ServiceBinding.CanSend.ThisPartyActionBinding. BusinessTransactionCharacteristics:isNonRepudiationRequired parameter is set to true.
Note:
rsa-sha1 and dsa-sha1 are the allowed signature algorithms.