Configuration Guides › Policy Server Configuration Guide › Authentication Schemes › WS‑Security Authentication

WS‑Security Authentication

The WS-Security standard defines a set of SOAP header extensions that provide mechanisms for securely passing authentication data and protecting message content between web services, particular those at federated enterprises. WS-Security allows web service implementers to do the following:

• Send authentication data as part of a message using one of several supported security token types.
• Ensure message integrity using digital signatures.
• Ensure message confidentiality using XML encryption.

These mechanisms can be used independently (for example, to pass authentication data in a security token) or in combination (for example, signing and encrypting a message and providing authentication data in a security token).

For more information about the WS-Security standard, see the OASIS Standard, Web Services Security: SOAP Message Security 1.0.