The WS-Security Request data protocol supports SOAP messages that include WS-Security headers. This data protocol can strip any security from the SOAP Request before sending it along the Virtualize framework. The WS-Security Request data protocol then applies security to outgoing SOAP responses.
When recording a web service with WS-Security headers, add a WS-Security Request (Request Side) data protocol (typically before a Web Service SOAP data protocol) and a WS-Security Response (Response Side) data protocol.
Before you record, you are presented with a set of configuration panels:
Request Data Protocol
For the Request data protocol, configure the handler to process a Request message that the client sends. Fill in the Receive actions that are used to decode and validate the headers. This configuration is used both for recording and playback.
Options available for Receive (Response) messages are:
Options available for Send (Request) messages are:
To use encryption, enter the following information:
Specifies the keystore file to use for encryption.
Specifies the keystore type.
Values:
Defines the password associated with the specified keystore file.
Designates an alias for a public key.
Defines an alias password for PKCS#12 files. Leave this value blank or enter the same value you specified for Keystore Password.
The WS-I BSP Compliant check box indicates whether to verify that you comply with the WS-I Basic Security Profile (including using InclusiveNamespaces and CanonicalizationMethod in SignedInfo).
To validate your keystore information, click the Verify button.
Response Data Protocol
For the Response data protocol, configure the handler to process Response messages returned from the live service during recording and Response messages that are returned from the VSM. During the recording phase, you must process the Response message as the client would.
Select the Add Timestamp check box.
Defines the lifetime of the message in seconds. To avoid including an Expires element, enter 0.
Specifies whether to output the timestamp in milliseconds.
Note: Some web services (for example .NET 1.x/2.0 with WSE 2.0) do not comply with standard timestamp date formatting, and do not allow milliseconds. For these web services, clear the Use Millisecond Precision in Timestamp check box.
During playback, you must process the message as the server would send it. The SOAP message from the VSM has no Security headers and this configuration applies the Security header.
After the recording completes, a virtual service model is created. In that model, a data protocol filter is attached to the HTTP/S Listen step for the WS-Security Request data protocol.
Update any security configuration information for playback. For example, if your WS-Security settings change on the service, you can update them here instead of rerecording the virtual service.
In the VSM, a filter is also added for the WS-Security Response data protocol onto the HTTP/S Response step.
Any security configuration information for playback can be updated for the response message.
To save your security settings to a file, or to load a saved file containing security settings, use Load and Save .
Copyright © 2014 CA Technologies.
All rights reserved.
|
|