WSS Provider
This policy is WSS Provider acts on the Server side to ensure that the confidentiality, integrity, and timestamp of a request remains secure.
To maintain confidentiality, a request is encrypted at its endpoint. To maintain integrity, the request is verified for a valid signature. To track the time of the request, a timestamp is inserted in the request.
Policy | Shared Resource | Object Group Types |
---|---|---|
WSS Provider |
|
|
Property | Description |
---|---|
WSS Processor | The provider for the WSS authentication service.
This option is required if authentication, decryption, signature verification or timestamp verification is required on the inbound request. |
Authentication | Enforce authentication on request. |
Confidentiality | Decrypt requests and encrypt responses. |
Integrity | Verify signature on request and/or sign response. |
Timestamp | Verify timestamp on request and/or set timestamp on response. |
Property | Description |
---|---|
WSS Processor | Specify a Resource Template for WSS Processing. |
Authentication | Authentication can be done in the following ways:
|
Verify Username Token | No additional configuration required |
Verify SAML token | Select one of the following confirmation methods:
Select one of the following security token types:
Specify Issuer Name. |
Verify Kerberos token | Specify Service Name. |
Confidentiality | Select Decrypt Request and/or Encrypt Response. |
Decrypt Request | No additional configuration required. |
Encrypt Response |
Select one of the following:
If you select the option Use a resource template for encryption:
Select which one of the following should be encrypted:
|
Integrity | Select Verify signature on request and/ or Sign Response. |
Verify signature on request | Select from the following options from the drop-down,
Verify parts that are signed:
|
Sign response | Select a
Resource template for signing Select which of the following should be signed:
|
Timestamp | Select from the following:
|