WebSphere Application Server Version 6 and later support Organization for the Advancement of Structured Information (OASIS) Web Services Security (WS-Security) specifications.
These OASIS standards have been updated to support the latest versions of Web Service Security (WS-Security) specifications and tokens. Version 1.1 provides better security verification for signature, a standard way of encrypting SOAP headers, and meets the requirement from some of the interoperability scenarios that use features from Web Service Security Version 1.1.
The following list shows the aspects of the OASIS: Web Services Security: SOAP Message Security 1.0 specification that are supported in WebSphere Application Server Versions 6 and later.
Supported topic | Specific aspect that is supported |
---|---|
Security header |
|
Security tokens |
|
Token references |
|
Signature algorithms |
|
Signature signed parts |
|
Encryption algorithms |
Advanced Encryption Standard (AES) is designed to provide stronger and better performance for symmetric key encryption over Triple-DES (data encryption standard). Therefore, it is recommended that you use AES, if possible, for symmetric key encryption. |
Encryption message parts |
|
Time stamp |
|
Error handling | SOAP faults |
The following list shows the aspects of the OASIS: Web Services Security Username Token Profile 1.0 specification that is supported in WebSphere Application Server.
Supported topic | Specific aspect that is supported |
---|---|
Password types | Text |
Token references | Direct reference |
The following list shows the aspects of the OASIS: Web Services Security X.509 Certificate Token Profile specification that is supported in WebSphere Application Server Versions 6 and later.
Supported topic | Specific aspect that is supported |
---|---|
Token types |
|
Token references |
|
S12 is the namespace prefix of http://www.w3.org/2003/05/soap-envelope
See SOAP Version 1.2 Message Normalization for information, such as an empty header or header entry with mustUnderstand=false is removed, and so forth.