WS-SecurityPolicy 1.2 Actions
There are two kinds of WS-SecurityPolicy 1.2 actions:
Authentication actions, to verify that the requests for virtual services contain a specified WS-SecurityPolicy element.
CloudStreams provides the following authentication actions:
Require SAML Token: Requires that a WSS Security Assertion Markup Language (SAML) assertion token be present in the SOAP message header to validate service consumers.
Require WSS Username Token: Requires that a WSS username token and password be present in the SOAP message header to validate service consumers.
Require X.509 Token: Requires that a WSS X.509 token be present in the SOAP message header to validate service consumers.
XML security actions, to provide confidentiality (through encryption) and integrity (through signatures) for request and response messages.
CloudStreams provides the following XML security actions:
Require Signing: Requires that a request's XML element (which is represented by an XPath expression) be signed.
Require Encryption: Requires that a request's XML element (which is represented by an XPath expression) be encrypted.
Require SSL: Requires that requests be sent via SSL client certificates, and can be used with both SOAP and REST services.
Include Timestamps: Requires that timestamps be included in the request header.
CloudStreams checks the timestamp value against the current time to ensure that the request is not an old message. This serves to protect your system against attempts at message tampering, such as replay attacks.