Defining the WSS security operations

This section explains the steps to define a WSS enabled security operation. An operation is WSS enabled using the Operations tab of the Config UI.

Procedure

  1. On the configuration GUI, click ROUTING tab.
  2. Click the Facade Operations tab.
  3. Add a new operation. Enter the details of the Operation. See Facade Operations.
  4. Check the Enable WSS check box.
  5. Enter the details for WSS enabled operation defined as follows:
    WSS Enabled Operation Configuration
    Parameter Description
    WSS Request This is the name of the WSS configuration from WSS tab. The property file from this configuration is used for northbound request processing.
    WSS Response This is the name of the WSS configuration from WSS tab. The property file from this configuration is used for northbound response processing.
    Encrypt Response This check box flag indicates whether to encrypt the response message.
    Sign Response This check box flag indicates whether to sign the response message.
    Encryption Algorithm Using this list box, select the algorithm to use for data encryption. Supported values are:

    TRIPLE_DES, AES_128, AES_256, AES_192

    Key Algorithm Using this list box, select the algorithm to use for key encryption. Supported values are:

    RSA15, RSAOEP, AES128, AES192, AES256, TRIPLEDES

    Signing Algorithm Using this list box, select the algorithm to use for signing. Supported values are:

    HMAC_MD5, DSA_SHA1, HMAC_SHA1, RSA_SHA1, RSA_MD5, RSA_RIPEMD160, RSA_SHA256, RSA_SHA384, RSA_SHA512, HMAC_RIPEMD160, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512

    Key Type Using this list box, choose a key reference method. Supported values are:

    BST_DIRECT_REFERENCE, ISSUER_SERIAL, X509_KEY_IDENTIFIER, SKI_KEY_IDENTIFIER, EMBEDDED_KEYNAME, EMBED_SECURITY_TOKEN_REF, UT_SIGNING, THUMBPRINT_IDENTIFIER

    Keystore Alias Specifies an alias of the public certificate from the truststore to be used for encryption.