Integration Server 10.7 | Web Services Developer’s Guide | Securing Web Services Using the WS-Security Facility | About the Integration Server WS-Security Facility
 
About the Integration Server WS-Security Facility
 
Usage of WS-Security Standard for WS-Security Facility
Supported Types of Message Authentication
Message Security Options Supported by WS-Security Facility
Policy Files Used by the WS-Security Facility
The Integration Server WS-Security facility is a message-based security implementation in which authentication information is contained in a SOAP message header that is delivered along with the message payload. The facility implements a subset of the WS-Security protection mechanisms described in the WS-Security, version 1.0 standards, such as message signing and encryption, security timestamps, and use of Username and X.509 certificate tokens.
By encapsulating security policy definitions in an XML file, the facility allows you to define different security policies and select any policy for use with one or more Integration Server-based web services configured for WS-Security.
The WS-Security facility and the ability to associate WS-Security handlers to a web service descriptors is for web service descriptors that run in pre-8.2 compatibility mode only.
Note:
The WS-Security facility is deprecated as of Integration Server 10.4 because the web services implementation with which the WS-Security facility is used is deprecated. Specifically, the web services implementation introduced in Integration Server version 7.1 is deprecated.