Outgoing WS Security


If a SOAP web service uses the WS-Security standard defined by OASIS to secure a web service, this policy is added. WS-Security’s X.509 Certificate Profile and UsernameToken Profile are supported.

Figure: Outgoing WS_Security Policy

The following operations must be performed to add the Outgoing WS-Security policy.

  • Name: If the global policy is added, the name of the policy is entered.

  • Description: If a global policy is added, a description can be entered to facilitate policy selection.

  • Must Understand: Set the Must Understand flag to true.

  • Add Entry: The section to add to the message is selected. The selected section applies to the message in the order of insertion. If you want to change the order of operation of the items, the arrow icons next to the item should be used. Click the cross icon in the delete section. Message sections;

    • Timestamp;
      • Time-To-Live (sn): TTL (Time-To-Live) in seconds.
    • Username Token;
      • Username: The username is entered.
      • Password: The password is entered.
      • Nonce: Check to add nonce variable.
      • Created: Check to add created variable.
      • Password Type: The type of password is selected.
    • Encryption;
      • Keystore: Upload a keystore file for encryption.Only JKS is supported.
      • Alias: Enter alias for encryption.
      • Password: Keystore password.
      • Key Identifier Type: Select the key identifier type.
      • Symmetric Encoding Algorithm: Select Symmetric Encoding Algorithm.
      • Key Encryption Algorithm: Select Key Encryption Algorithm.
      • Şifreleme Bölümleri: Content or Element type encryption sections can be edited.
    • Signature;
      • Keystore: The keystore file type must be .jks.
      • Alias: Alias for encryption.
      • Parola: Password of keystore.
      • Key Identifier Type: Key Identifier type is selected.
      • Signature Algorithm: Signature Algorithm is selected.
      • Signature Canonicalization: Canonicalization method is selected.
      • Signature Parts: Signature parts can be edited.
  • Error Message Customization: The desired error code and message are entered for this policy.

  • Click Save button to save the operation.