Configure SOA Security Manager to Perform Encryption and Decryption of WS‑Security Documents

SOA Security Manager can encrypt any WS‑Security message that contains the recipient’s X.509 certificate in a WS‑Security header. SOA Security Manager extracts the recipient’s public key from the X.509 certificate and uses it to encrypt a symmetric key; the symmetric key is then used to encrypt the desired header and message elements. Multiple encryption algorithms are available, and the algorithm that encrypts the symmetric key can differ from the one that encrypts the header and message elements.
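To check this two-layer structure in a captured message, the following added example (not SOA Security Manager code) reports the algorithm used for the wrapped symmetric key and for each encrypted element it references, and flags references that point at no encrypted element. It assumes the standard OASIS WS-Security and W3C XML Encryption layout (`EncryptedKey` with a `ReferenceList` in the `wsse:Security` header); the sample message, its Ids and the function name `encryption_layout` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}

# Constructed sample: one wrapped key, one encrypted body, one dangling reference.
SAMPLE = """<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
 xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
 xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
 <soap:Header><wsse:Security>
  <xenc:EncryptedKey>
   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
   <xenc:CipherData><xenc:CipherValue>PLACEHOLDER</xenc:CipherValue></xenc:CipherData>
   <xenc:ReferenceList>
    <xenc:DataReference URI="#body-1"/><xenc:DataReference URI="#missing-2"/>
   </xenc:ReferenceList>
  </xenc:EncryptedKey>
 </wsse:Security></soap:Header>
 <soap:Body><xenc:EncryptedData Id="body-1">
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
  <xenc:CipherData><xenc:CipherValue>PLACEHOLDER</xenc:CipherValue></xenc:CipherData>
 </xenc:EncryptedData></soap:Body>
</soap:Envelope>"""

def _algorithm(elem):
    """Return the Algorithm URI of an element's xenc:EncryptionMethod child."""
    method = elem.find("xenc:EncryptionMethod", NS)
    return method.get("Algorithm") if method is not None else None

def encryption_layout(xml_text):
    """Map each EncryptedKey to the EncryptedData elements it protects."""
    root = ET.fromstring(xml_text)
    data_by_id = {e.get("Id"): e
                  for e in root.iter("{%s}EncryptedData" % NS["xenc"])}
    layout = []
    for key in root.iterfind(".//wsse:Security/xenc:EncryptedKey", NS):
        entry = {"key_transport": _algorithm(key), "data": {}, "dangling": []}
        for ref in key.iterfind("xenc:ReferenceList/xenc:DataReference", NS):
            target = ref.get("URI", "").lstrip("#")
            if target in data_by_id:
                entry["data"][target] = _algorithm(data_by_id[target])
            else:
                entry["dangling"].append(target)  # reference with no ciphertext
        layout.append(entry)
    return layout
```

An empty result for a message that should be encrypted, or a non-empty `dangling` list, means the message does not carry the ciphertext its header claims.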

Configure SOA Security Manager to perform XML encryption on elements of outgoing messages by adding appropriate response attribute variables to a response configured to generate WS‑Security headers.

Although the WS‑Security authentication scheme automatically decrypts encrypted elements in incoming messages, SOA Security Manager by default delivers messages to the recipient web service in encrypted form. To deliver decrypted versions of incoming encrypted WS‑Security messages instead, configure a response with the TXM_WSSEC[_SAML]_ENCRYPT_DECRYPT response attribute variable and associate it with the authorizing policy.

More information:

Variables for Encrypting/Decrypting WS‑Security Messages