You can create SOAP security profiles for use with web
service calls or message returns that require message encryption,
signature or other advanced security algorithms.
Before you begin
Before creating a security profile, you must have a Web
Services Description Language (WSDL) file in your workspace.
If the security profile uses digital certificates for encrypting
or signing requests or responses, you must have the corresponding
keystore files (KS, JKS, JKECS, PKCS12, or PEM) in your workspace.
Procedure
- In the test navigator or project explorer, right-click
the WSDL file and select Configure WSDL Security. This opens the WSDL security editor.
- Click the Security Algorithms tab. Security profiles are described by adding elements to a stack.
When a service request is sent or a response is received, each element
in the stack is applied to the message in the specified order. If
necessary, create one security profile for outgoing requests and one
for incoming responses.
- In the Security Algorithms area,
click Add to create a new algorithm stack,
and click Rename to change the default name.
- In the Algorithm Stack Details area,
click Add to add a new algorithm element to
the stack. You can add time stamps, user-name tokens, encryption,
or signatures.
- Edit each element in the stack according to the requirements
of the web service.
Encryption and signature stack elements
can be applied to portions of the web service call or message return
document by specifying an Xpath query in User Xpath part
selection. For example, you can encrypt one XML element
with one encryption stack element, and another element with another
stack element. You can use the Web Service Protocol Data view to help identify the correct Xpath query for this option.
You can check that the security stack is valid by clicking .
- When all the stack elements are complete, ensure that the
execution order is correct. If necessary, use the Up and Down buttons to change
the order of elements in the stack.
- Repeat steps 4 through 7 to create as many algorithms as
are required for security profile.
- Click the Algorithms by WSDL Operations tab. This page enables you to associate a security profile
with each request or response operation in the WSDL.
- In the WSDL Contents column, select
a service request or response.
- In the Algorithm Stack column, select
a security profile from the list. If necessary, click << to open the stack on the Security Algorithms
page.
What to do next
After saving the security profile, the
Web Service
Protocol Data view displays the effect of the security
profile on the XML data of the web service.