Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 6 Managing SOAP Operations : SOAP Operation Properties

SOAP Operation Properties
Signing, encryption, and UsernameToken authentication can be enabled for an operation by using the Notify Request Action tab for the Notify operation, and by using the Request Action and Response Action tabs for the synchronous Request-Response operation. Both the request and response messages can be signed, encrypted, and authenticated.
Details are explained in the fields Require Digital Signature, Require Content Encryption, and Require UsernameToken Authentication for these tabs:
See Document Security Tab for information on how to set certificates and keys for signing and encryption.
If the Require Digital Signature, Require Content Encryption, and Require UsernameToken Authentication check boxes are cleared, these security elements are not applied to the outbound messages. However, for inbound messages, if certain check box is cleared on inbound side operation configuration, whether the specific security feature is applied or not, the inbound messages are received.
Notify Operation
You can use two tabs for Notify operation: the Notify Operation tab and Notify Request Action tab.
Notify Operation Tab
Use the Notify Operation tab to specify general information about the operation that BusinessConnect receives.
Notify Request Action Tab
Use the Notify Request Action tab to specify how BusinessConnect processes a message.
Send the outbound action message with WSS:UsernameToken where the user name and password are provided by the private process, which is the message producer.
Require that the inbound message of the same operation must also carry the WSS:UsernameToken element to be used for the inbound message authentication. If the inbound message does not have the WSS:UsernameToken element, the message is rejected with an error message being replied to the trading partner.
If your trading partners use WSS:UsernameToken to authenticate the message they send to you, you must define the external users associated with these trading partners.
If no file is displayed, you can add a schema by clicking on the change link, browse to the location of another schema, and load it for validation. If an existing schema file is displayed, you can replace it by using the change link, or remove it by using the remove link.
Note: This schema is only used for validating the customized SOAP header. The partyInfo, security and WS-Addressing elements are not included.
If no file is displayed, you can add a schema by clicking on the change link, browse to the location of another schema, and load it for validation. If an existing schema file is displayed, you can replace it by using the change link, or remove it by using the remove link.
See Appendix B, Schema Validation for information on validating schemas.
Synchronous Request-Response Operation
You can use three tabs for Synchronous Request-Response operation: Synchronous Request-Response Operation tab, Request Action tab, and Response Action tab.
Synchronous Request-Response Operation Tab
Use the Synchronous Request-Response Operation tab to specify general information about the operation.
Request Action Tab
Use the Synchronous Request-Response Request Action tab to specify how BusinessConnect processes a request.
Send the outbound action message with WSS:UsernameToken where the user name and password are provided by the private process, which is the message producer.
Require that the inbound message of the same operation must also carry the WSS:UsernameToken element to be used for the inbound message authentication. If the inbound message does not have the WSS:UsernameToken element, the message is rejected with an error message being replied to the trading partner.
If your trading partners use WSS:UsernameToken to authenticate the message they send to you, you must define the external users associated with these trading partners.
When this feature is used, provide all the required values in the saml node from the private process, such as the AttributeStatement and AuthzDecisionStatement elements that are required by the NHIN/esMD Authorization Framework. Errors occur if any of the required values is missing.
Note: On inbound side, if this check box is selected, all the SAML elements required by the NHIN/esMD Authorization Framework are checked, and errors occur if any of the required elements is missing. If this check box is not selected, the inbound messages are still processed but requirement check is not performed.
If no file is displayed, you can add a schema by clicking on the change link, browse to the location of another schema, and load it for validation. If an existing schema file is displayed, you can replace it by using the change link, or remove it by using the remove link.
Note: This schema is only used for validating the customized SOAP header. The partyInfo, security and WS-Addressing elements are not included.
If no file is displayed, you can add a schema by clicking on the change link, browse to the location of another schema, and load it for validation. If an existing schema file is displayed, you can replace it by using the change link, or remove it by using the remove link.
Response Action Tab
Use the Synchronous Request-Response Response Action tab to specify how BusinessConnect processes a response.
Send the outbound action message with WSS:UsernameToken where the user name and password are provided by the private process, which is the message producer.
Require that the inbound message of the same operation must also carry the WSS:UsernameToken element to be used for the inbound message authentication. If the inbound message does not have the WSS:UsernameToken element, the message is rejected with an error message being replied to the trading partner.
If your trading partners use WSS:UsernameToken to authenticate the message they send to you, you must define the external users associated with these trading partners.
When you select this check box, do not select the Require Digital Signature check box.
Note: If the NHIN/esMD Authorization Framework check box is cleared, the signature confirmation is not applied to the responses.
If no file is displayed, you can add a schema by clicking on the change link, browse to the location of another schema, and load it for validation. If an existing schema file is displayed, you can replace it by using the change link, or remove it by using the remove link.
Note: This schema is only used for validating the customized SOAP header. The partyInfo, security and WS-Addressing elements are not included.
If no file is displayed, you can add a schema by clicking on the change link, browse to the location of another schema, and load it for validation. If an existing schema file is displayed, you can replace it by using the change link, or remove it by using the remove link.
The default is 3600 seconds (60 minutes).
See Appendix B, Schema Validation for information on validating schemas.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved