Set Security Properties Dialog Box

This dialog box enables you to set the security properties for your Web Service calls.

To access
In the Steps Toolbox pane, double-click the web_service_set_security step.
Relevant tasks
Important Information If you have edited key algorithm or session algorithm values in the mmdrv.config file for an existing script, these values are replaced with the system default values.

WS—Security Tab

User interface elements are described below (unlabeled elements are shown in angle brackets):

UI Element
Description
<Token Grid> Displays a unique number, type and name of all tokens that have been added.

Add Security Token

Enables you to select a token type: 

UserName Token

  • Token Name. A meaningful name for the token.
  • Include nonce. If selected, an arbitrary number is used once to sign communication.
  • Username/Password. Specify the username/password.
  • Password type. Text, Hash, None
  • Timestamp format. Full, Created, None

 

X.509 Certificate Token

  • Token Name. A meaningful name for the token.
  • Certificate. If selected, an arbitrary number is used once to sign communication.
  • Reference Type. BinarySecurityToken, Reference

 

Kerberos/Kerberos2 Token

  • Token Name. A meaningful name for the token.

  • Host. The host name of the server against which you want to authenticate. In most cases, it is the host portion of the service URL.
  • Domain. The Windows domain of the server against which you want to authenticate.

 

PFX File Token

  • Token Name. A meaningful name for the token.
  • PFX File. Contains all of the token information, including the server certificate, intermediate certificates, and the private key in a single file.

    Tip: If you have a .jks file, use it here. VuGen will automatically convert it to a .p12 file.

  • PFX File Password. The password for your PFX file.

    Note: If you are using a .jks file, use your .jks file password.

Add Message Signature

  • Signing token. The token to use for signing, usually an X.509 type. Select from the list of all added tokens.
  • Canonicalization algorithm. A URL for the algorithm to use for canonicalization. A drop-down list provides common algorithms. If you are unsure which value to use, keep the default.
  • Transform Algorithm. A URL for the Transform algorithm to apply to the message signature. A dropdown list provides common algorithms. If you are unsure which value to use, keep the default.
  • Inclusive namespace list. A list of comma-separated prefixes to be treated as inclusive (optional).
  • What to sign. The SOAP elements to sign: SOAP Body, Timestamp, and WS-Addressing.

    • Xpath (optional). An XPath that specifies which parts in the message to sign. If left blank, the elements selected in the Signature options field are signed. For example, //*[local-name(.)='Body'].
    • Token (optional). The target token you want to sign. Select from the drop-down list of all added tokens. With most services, this field should be left empty.

Add Message Encryption

  • Encrypting Token. The token to use for encryption, usually an X.509 type. You can select from a list of all previously created tokens.
  • Encrypting Type. Indicates whether to encrypt the whole destination Element or only its Content.
  • Key algorithm. The algorithm to use for the encryption of the session key: RSA15 or RSAOAEP.

    If you have edited the mmdrv.config file with a custom key algorithm value for an existing script, this value is replaced with the system default value of RSA15.

  • Session algorithm. The algorithm to use for the encryption of the SOAP message. You can select from a list of common values.

    If you have edited the mmdrv.config file with a custom session algorithm value for an existing script, this value is replaced with the system default of AES128.

  • What to encrypt.

    • Xpath (optional). An XPath that indicates the parts of the message to encrypt. If left blank, only the SOAP body is encrypted.
    • Token (optional). The name of the encrypted token. A drop-down box provides a list of all added tokens. With most services, this field should be left empty.
Delete a token definition from the grid.

Up/Down. Positioning tools that allow you to set the

priority of the security elements.

Note: Make sure the security elements are positioned in order of their priority.

Exclude Timestamp Removes the timestamp from the SOAP header before sending the security element to the server.

Back to top

WS Addressing

The WS-Addressing tab indicates whether WS-Addressing is used by the service, and if so, its version number. You can also specify the IP address of the server to which you want the response to be sent.

Back to top

See also: