Integration Server 10.3 | Web Services Developer’s Guide | Securing Web Services Using WS-SecurityPolicy | Policies Based on WS-SecurityPolicy that Integration Server Provides
 
Policies Based on WS-SecurityPolicy that Integration Server Provides
 
Username_Over_Transport
Username_Signature
Username_Encryption
Username_Signature_Encryption
X509Authentication
X509Authentication_Signature
X509Authentication_Encryption
X509Authentication_Signature_Encryption
SAMLAuthentication
SAMLAuthentication_Signature
SAMLAuthentication_Encryption.policy
SAMLAuthentication_Signature_Encryption.policy
KerberosAuthentication Policy
Integration Server provides pre-defined WS-Policies based on WS-SecurityPolicy. These policies contain settings for a number of standard security configurations. You can attach WS-Policies at the binding operation message type level, such as input, output, and fault, in consumer and provider web service descriptors.
Note:
When attaching pre-defined WS-Policies, ensure that you attach the policies at the appropriate binding operation message type levels.
In the policies, WS-SecurityPolicy assertions for authentication apply only to request messages, that is, to:
*Consumer outbound request messages
*Provider inbound request messages
WS-SecurityPolicy assertions for message integrity and confidentiality apply to all request and response messages.
The out-of-the-box policies are in the following directory:
Software AG_directory \IntegrationServer\instances\instance_name\config\wss\policies
You can use these policies as is, or you can use them as templates when creating your own custom policies.
All of the out-of-the-box policies include a Timestamp token to guard against replay attacks. The following table provides a quick glance at the other security options that each policy provides. Each policy is described in detail in the sections that follow the table.
Policy
Authentication
SOAP Body Signature
SOAP Body Encryption
Username
Username
X
Username
X
Username
X
X
X.509 certificates
X.509 certificates
X
X.509 certificates
X
X.509 certificates
X
X
SAML
SAML
X
SAML
X
SAML
X
X
Kerberos