Integration Server 10.11 | Web Services Developer’s Guide | Securing Web Services Using the WS-Security Facility | WS-Security Facility Policy Reference | Signature Element for Inbound Messages
 
Signature Element for Inbound Messages
These settings indicate how to process signature information contained in the incoming SOAP header.
Allow Expired Certificates
If this attribute is set to “False,” generates an exception when a signature is encountered that was created with an invalid certificate (either expired or not yet valid). If this attribute is set to “True,” message signatures created with an expired signing certificate are allowed.
Default: False
Example
<Signature
AllowExpiredCerts="True"/>
Validate Signing Certificate
When set to “True,” the signing certificate will be validated to ensure that it is signed by a trusted authority.
Default: False
Example
<Signature
ValidateSigningCert="True"/>
Authenticate with Signing Certificate
This setting specifies that the certificate used for authentication has been mapped to a valid user using Integration Server’s certificate mapping facility.
Default: True
Example
<Signature
AuthenticateWithSigningCert="True"/>
Require Signed Body
When set to “True,” requires that the body of the SOAP message body be signed or else an exception is thrown. Signatures are still verified when this attribute is set to “False,” however, no exception is thrown if the SOAP body is not digitally signed.
Default: True
Example
<Signature
RequireSignedBody="False"/>