Supported Types of Message Authentication
Integration Server’s WS-Security facility lets you implement policies for several standard message-based authentication scenarios:
Username/password. You can include a UsernameToken in the header of an outbound message containing the user name and password credentials. The token is authenticated by the message recipient if it is found on inbound messages.
X.509 Signature Authentication. Allows the use of a private key from an X.509 standard certificate to sign a document, thus authenticating the identity of the sender to the receiver. The recipient verifies the signed messages through the matching public key.
Proprietary X.509 authentication. You can include an X.509 certificate or a reference to an X.509 certificate as an authentication token in the message header, without any signing or encryption. This combination of settings supports non-standard X.509 configurations.
Because no signing or encryption is used, you may need to provide additional transport-level security such as SSL to secure the endpoints of the connection.
In addition to these standard categories of authentication, the flexibility afforded by the XML policy elements allows for a high degree of customizing. You can assemble and implement many combinations of authentication options to protect your web service, as long as the web service supports the particular option.