Category | Description |
Signature Options | A signature is a means of authenticating a message so that the recipient is certain of the sender’s identity and the integrity of the message content. Signing a message involves encrypting a message digest with the sender’s private key. To verify a signed message, the recipient uses the public key corresponding to the sender’s private key. The signature attributes that the WS-Security facility supports include the following: ![]() ![]() ![]() The WS-Security facility does not support the following signature options: ![]() ![]() |
Encryption Options | The WS-Security implementation encrypts SOAP message bodies using the recipient’s public key. The available encryption options that the WS-Security facility supports include the following: ![]() ![]() ![]() The WS-Security facility does not support the following encryption options: ![]() ![]() ![]() |
Security Timestamps | The WS-Security facility allows you to use a Timestamp element that specifies message expiration time, as well as the precision of the time measurement. This element offers protection against replay attacks, since inbound messages arriving after the expiration time can be invalidated. |
Username and X.509 Certificate Tokens | The WS-Security facility allows you to use either of two WS-Security standard authentication token categories for authenticating a web service: ![]() ![]() |