Use this page to specify how message security policies are applied to requests and enforced on responses, as defined by the main policy settings and the bootstrap policy settings. Assertions for Web Services Security (WS-Security) versions are already generated based on assertions in the policy set. If the policy set includes a Web Services Security Version 1.1 assertion, then Web Services Security Version 1.1, itself, is asserted.
Specifies whether message level protection, using digital signatures and encryption, is required.
Specifies whether message part protection, using digital signatures and encryption, is required.
When the Message level protection check box is cleared, the link to Request message part protection is disabled, because the configuration information associated with message level security is removed when message level protection is cleared.
Specifies whether to use symmetric tokens. Select this radio button to use symmetric tokens. You can then configure symmetric tokens using the Symmetric signature and encryption policies link. Click this link to access the Symmetric signature and encryption policies panel where you can create the trust context in which to use symmetric tokens. Using the same token for signing and validating messages and encrypting and decrypting messages provides higher performance than can be achieved with asymmetric tokens. Use symmetric tokens within a trust context. If a custom Kerberos token type is used, you must select the Use symmetric tokens option.
Specifies whether to use asymmetric tokens. Select this button to use asymmetric tokens. You can then configure asymmetric tokens using the Asymmetric signature and encryption policies link. Click this link to access the Asymmetric signature and encryption policies panel where you can create the trust context (message integrity and confidentiality) in which to use asymmetric tokens. Specify which token type to use for the initiator and recipient signature as well as the initiator and recipient encryption.
Specifies whether to use a time stamp in the header. Select this check box to include a time stamp in the header. You can then specify where in the header to place the time stamp by using the Security header layout radio buttons.
Specifies the layout rules for the security header.
Specifies links for accessing the request token policies, response token policies, and algorithms for asymmetric tokens. Click these links to view token policies and cannonicalization algorithms that are supported. Algorithms are used to reconcile XML differences.
Click this link to define policies that specify which types of supporting authentication tokens are used in the request and the properties of those token types.
Click this link to define policies that specify which types of supporting authentication tokens are used in the response and the properties of those token types.
Links to a view of available algorithms. Click this link to view the cryptographic and cannonicalization algorithms that are supported. Algorithms are used to reconcile XML differences.