Creating security profiles for WSDL files

You can create SOAP security profiles for use with web service calls or message returns that require message encryption, signature or other advanced security algorithms.

Before you begin

Before creating a security profile, you must have a Web Services Description Language (WSDL) file in your workspace.

If the security profile uses digital certificates for encrypting or signing requests or responses, you must have the corresponding keystore files (KS, JKS, JKECS, PKCS12, or PEM) in your workspace.

Procedure

  1. In the test navigator or project explorer, right-click the WSDL file and select Configure WSDL Security. This opens the WSDL security editor.
  2. Click the Security Algorithms tab. Security profiles are described by adding elements to a stack. When a service request is sent or a response is received, each element in the stack is applied to the message in the specified order. If necessary, create one security profile for outgoing requests and one for incoming responses.
  3. In the Security Algorithms area, click Add to create a new algorithm stack, and click Rename to change the default name.
  4. In the Algorithm Stack Details area, click Add to add a new algorithm element to the stack. You can add time stamps, user-name tokens, encryption, or signatures.
  5. Edit each element in the stack according to the requirements of the web service.

    Encryption and signature stack elements can be applied to portions of the web service call or message return document by specifying an Xpath query in User Xpath part selection. For example, you can encrypt one XML element with one encryption stack element, and another element with another stack element. You can use the Web Service Protocol Data view to help identify the correct Xpath query for this option.

    You can check that the security stack is valid by clicking Tools > Validate Selected Algorithm.

  6. When all the stack elements are complete, ensure that the execution order is correct. If necessary, use the Up and Down buttons to change the order of elements in the stack.
  7. Repeat steps 4 through 7 to create as many algorithms as are required for security profile.
  8. Click the Algorithms by WSDL Operations tab. This page enables you to associate a security profile with each request or response operation in the WSDL.
  9. In the WSDL Contents column, select a service request or response.
  10. In the Algorithm Stack column, select a security profile from the list. If necessary, click << to open the stack on the Security Algorithms page.

What to do next

After saving the security profile, the Web Service Protocol Data view displays the effect of the security profile on the XML data of the web service.
Related concepts:
WSDL security editor overview
Related tasks:
Using a security policy
Implementing a custom security algorithm
Adding WS-Addressing to a security configuration
Using a security policy
Adding WS-Addressing to a security configuration
Implementing a custom security algorithm
Related reference:
WSDL security editor reference
Feedback