Copyright © Cloud Software Group, Inc. All Rights Reserved

SECURITY

The SECURITY tab of the Config UI provides the configuration parameters for the following areas:

WSS

The WSS tab on the Config UI allows you to register the WSS resources with the gateway.

To add a new WSS resource, follow these steps:

1.	Click the WSS tab.

2.	Click the Add property icon to create a new WSS resource.

3.	Enter the details for WSS resource parameters, as follows:

Table 46 WSS Resource Configuration Parameters

Parameter	Description
WSS Name	The unique name which identifies a WSS configuration.
Type	The type of WSS configuration. Select the type from the drop-down list. The possible values are: − WSS − Subject Identity − Trust Identity
New Property File	A new property file which defines the WSS resources configuration. See Define the WSS Configuration Properties file.
Existing Property Files	Select an existing WSS resources configuration property file. The file must exist in the ASG_CONFIG_HOME/ASG_Project_Configuration/wss directory.

KeyStores

Using the KeyStores tab on the Config UI, you can upload the keystore configuration.

To add a new keystore file, follow these steps:

1.	Click the KeyStores tab.

2.	Click the Add property icon to upload a new keystore file.

3.	Enter the details for keystores file, as follows:

Table 47 KeyStore Configuration Parameters

Parameter	Description
New KeyStores File	Specifies the security certificate files such as .jks type files.
Existing KeyStores Files	Specifies the existing security certificate files. The files exist in the ASG_CONFIG_HOME/ASG_Project/wss/keystores

 

Policy Mapping

Using the Policy Mapping tab on the Config UI, you can upload a policy file.

To upload a new policy file, follow these steps:

1.	Click the Policy Mapping tab.

2.	Click the Add property icon to upload a new policy file.

3.	Enter the details for the policy file, as follows:

Table 48 Policy Mapping Configuration Parameters

Parameter	Description
Policy Name	Specifies the name for the policy.
Intent(Type)	Sets the type of the policy. For example, Authentication. See Security Policies for details.
Qualifier (SubType)	Sets the policy sub type. For example, UsernameToken See Security Policies for details.
New Policy File	Specifies the policy definition file. Browse to choose a new policy file. See Security Policies for details.
Existing Policy File	Specifies an existing policy definition file. The policy file must exist in the gateway ASG_CONFIG_HOME/configuration/policy folder. For example, for the default configuration, the policy file must exist in the ASG_CONFIG_HOME/default/policy folder.

Policy Binding

Using the Policy Binding tab on the Config UI, you can associate a registered policy with one or more target operation endpoints.

To map a policy to an target operation, follow these steps:

1.	Click the Policy Binding tab.

2.	Click the Add property icon to map a policy file.

3.	Enter the details for policy mapping configuration, as follows:

Table 49 Policy Mapping Configuration Parameters

Parameter	Description
Policy	Specifies a name for the policy. The policy name must be configured under the Policy Mapping tab.
URI	Specifies the URI of the operation to which the policy is applied.
Transport	Specifies the transport of the request. For example, HTTP, HTTPS, JMS, or SOAP.
facade Operation	Specifies the operation to which the policy is applied. The facade operation must be configured in the Facade Operations tab.
Binding	Specifies the binding component that the policy is applied to. This could be either a facade operation (service) or a target operation (reference).
Flow	Specifies the flow of the request. The possible values are: − in − out
Target Operation	Specifies the target operation. The target operation must be configured in the Target Operations tab.

 

Copyright © Cloud Software Group, Inc. All Rights Reserved