CentraSite Documentation : Runtime Governance with CentraSite : Run-Time Governance Reference : Built-In Run-Time Actions Reference for Virtual Services : Run-Time Actions Reference for Virtual Services : Require Signing
Require Signing
This action requires that a request's XML element (which is represented by an XPath expression) be signed. This action supports WS-SecurityPolicy 1.2.
Prerequisites
1. Configure Integration Server: Set up keystores and truststores in Integration Server, as described in webMethods Integration Server Administrator’s Guide .
2. Configure Mediator: In the Integration Server Administrator, navigate to Solutions > Mediator > Administration > General and complete the IS Keystore Name, IS Truststore Name and Alias (signing) fields, as described in Administering webMethods Mediator . Mediator uses the signing alias specified in the Alias (signing) field to sign the response.
When this action is set for the virtual service, Mediator validates that the requests are properly signed, and provides signing for responses. Mediator provides support both for signing an entire SOAP message body or individual elements of the SOAP message body.
Mediator uses a digital signature element in the security header to verify that all elements matching the XPath expression were signed. If the request contains elements that were not signed or no signature is present, then Mediator rejects the request.
Note:  
Keep the following in mind:
1. You must map the public certificate of the key used to sign the request to an Integration Server user. If the certificate is not mapped, Mediator returns a SOAP fault to the caller.
2. You can include this action multiple times in a policy.
Input Parameters
Namespace
String Optional. Namespace of the element required to be signed.
Note:  
Enter the namespace prefix in the following format: xmlns:<prefix-name> . For example: xmlns:soapenv.
The generated XPath element in the policy should look similar to this:
<sp:SignedElements
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-security
policy/200702">
<sp:XPath
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
//soapenv:Body</sp:XPath>
</sp:SignedElements>
Element Required to be Signed
String An XPath expression that represents the XML element that is required to be signed.
Copyright © Software AG, Darmstadt, Germany.
Product LogoContact Support   |   Community   |   Feedback