CentraSite Documentation : Runtime Governance with CentraSite : Run-Time Governance Reference : Built-In Run-Time Actions Reference for APIs : Run-Time Actions Reference : Require Signing
Require Signing
This action requires that a request's XML element (which is represented by an XPath expression) be signed.
Prerequisites
1. Configure Integration Server: Set up keystores and truststores in Integration Server, as described in the webMethods Integration Server Administrator’s Guide.
2. Configure Mediator: In the Integration Server Administrator, navigate to Solutions > Mediator > Administration > General and complete the IS Keystore Name, IS Truststore Name and Alias (signing) fields, as described in Administering webMethods Mediator. Mediator uses the signing alias specified in the Alias (signing) field to sign the response.
When this action is configured for a proxy API, Mediator validates that the requests are properly signed, and provides signing for responses. Mediator provides support both for signing an entire SOAP message body or individual elements of the SOAP message body. Mediator uses a digital signature element in the security header to verify that all elements matching the XPath expression were signed. If the request contains elements that were not signed or no signature is present, then Mediator rejects the request.
Note:  
You must map the public certificate of the key used to sign the request to an Integration Server user. If the certificate is not mapped, Mediator returns a SOAP fault to the caller.
Input Parameters
Namespace
String. Mandatory. Namespace of the element required to be signed.
Note:  
Enter the namespace prefix in the following format: xmlns:<prefix-name> . For example: xmlns:soapenv.
The generated XPath element in the policy should look similar to this:
<sp:SignedElements xmlns:sp=
"http://docs.oasis-open.org/ws-sx/
ws-securitypolicy/200702">
<sp:XPath xmlns:soapenv=
"http://schemas.xmlsoap.org/soap/envelope
/">//soapenv:Body</sp:XPath>
</sp:SignedElements>
Element to be Signed
String. Mandatory. An XPath expression that represents the XML element that is required to be signed. See the sample below.
Let's take a look at an example. For the following SOAP message:
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
</soap:Header>
<soap:Body>
<catalog xmlns="http://www.store.com">
<name>My Book</name>
<author>ABC</author>
<price>100</price>
</catalog>
</soap:Body>
</soap:Envelope>
The XPath expression appears as follows:
/soap:Envelope/soap:Body
Copyright © 2005-2015 Software AG, Darmstadt, Germany.

Product LogoContact Support   |   Community   |   Feedback