When the policy is attached to: | Message type | To enforce the policy, Integration Server... |
Provider web service descriptor | inbound request | Requires a SAML token in the security header. Integration Server authenticates the sender of the inbound request messages using the client certificate from the SAML token. |
outbound response | Adds a signed Timestamp token to the security header. Integration Server determines the timestamp expiration date to specify using the WS Security Properties of the endpoint alias or by using watt.server.ws.security server configuration parameters. For more information, see webMethods Integration Server Administrator’s Guide. Integration Server signs the Timestamp token using the its private key. |