Integration Server 10.15 | Web Services Developer’s Guide | Securing Web Services Using the WS-Security Facility | WS-Security Facility Policy Reference
 
WS-Security Facility Policy Reference
 
Policy Element
SecurityPolicy Element
InboundSecurity and OutboundSecurity Elements
Timestamp Element for Outbound Messages
Timestamp Element for Inbound Messages
UsernameToken Element
Signature Element for Outbound Messages
Signature Element for Inbound Messages
Encryption Element for Outbound Messages
Encryption Element for Inbound Messages
X509 Authentication Element for Outbound Messages
X509 Authentication Element for Inbound Messages
To use the WS-Security facility you create policy files that specify the security options you want to apply to messages.
Important:
The policy files that the WS-Security facility uses are not standard WS-Policy files. They are a unique format used only by the Integration Server WS-Security facility. Integration Server version 8.2 now provides WS-Security support using standard WS-Policies. For more information, see Securing Web Services Using WS-SecurityPolicy.
The following table describes the XML elements of that you can use in a policy document for the WS-Security facility.
Element
Description
<Policy>
Specifies the policy namespace and the unique identifier of the policy.
<SecurityPolicy>
Contains the elements that describe a WS-Security policy.
<InboundSecurity> -OR- <OutboundSecurity>
Indicates whether the security and authentication information is for an inbound message or an outbound message from the web service.
<Timestamp>
Generates a timestamp that enforces message expiration.
<UsernameToken>
Includes a WS-Security UsernameToken for authentication.
<Signature>
Specifies use of a digital signature.
<Encryption>
Specifies encryption of the SOAP message body.
<X509Authentication>
Includes a WS-Security X.509 Certificate token reference for authentication.