WSS Provider
The WSS Provider policy acts on the server side to ensure that the confidentiality, integrity, and timestamp of a request remains secure.
General
The General section has the following fields.
Field | Description |
---|---|
Package | The name to be displayed as the label of the policy resource package. |
Name | The name of the policy resource. |
Description | A short description of the policy resource. |
Shared Resource for WSS Processing
The Shared Resource for WSS Processing section has the following fields.
Field | Description |
---|---|
WSS Verification | The WSS Verification shared resource that the WSS Provider policy references. |
Service Provider Details
The Service Provider Details section comprises of the Authentication tab, Confidentiality tab, the Integrity tab, and the Timestamp tab.
Authentication
The Authentication tab has the following fields that you can enable to enforce authentication on a request message.
Field | Description |
---|---|
No Verification | Select this option to ensure that credentials are not authenticated through username token or SAML token. |
Verify username token |
Select this option to authenticate user credentials through username token. If you select this option, ensure you have configured the User Authentication tab on the WSS Authentication Shared Resource. |
Verify SAML token |
Select this option to authenticate user credentials through SAML token. Select one of the following confirmation methods:
Specify Issuer Name |
Confidentiality
An inbound request can be decrypted and an outbound response can be encrypted to maintain confidentiality. The Confidentiality tab has the following fields:
Field | Description |
---|---|
Decrypt Request | To Decrypt request, provide the Subject Provider or the Subject Provider (with Trust Credential) value in the WSS Authentication policy resource, and select the Enable Decryption checkbox on the Basic Configuration section of the WSS Authentication policy resource. |
Encrypt Response | Specify the following fields:
|
Integrity
Maintain integrity by verifying the signature on an inbound request and signing an outbound response. The Integrity tab has the following fields:
Field | Description |
---|---|
Verify Signature on Request |
Select from the following options from the drop-down menu Verify parts that are signed :
|
Sign Response | Specify the following fields:
|
Timestamp
To track the time of the request, a timestamp is inserted in the request. The Timestamp tab has the following fields:
Field | Description |
---|---|
Verify Timestamp on Request | No additional configuration required. |
Set Timestamp on Response | Specify the time-to-live in seconds. |