Defining inbound SOAP messages for WS-Security profile data instances
Create a WS-Security profile to securely exchange messages between your application and a web service. Use the In Flow tab to configure WS-Security on inbound SOAP messages.
- On the In Flow tab, click the Add new configuration icon.
- In the Configuration type list, select one of the following
inbound SOAP message types.
- Decryption – Enables the decryption configuration on the
inbound SOAP message.
- In the Encryption key identifier list, select the encryption key to use in the SOAP message.
- Click Change decryption password and then enter the new password to change the private key password.
- To use symmetric key encryption, where the user and the service have a shared binary key, in the Embedded key field, enter the Base64 value of a binary shared key.
- In the Embedded key name field, enter the name of the shared embedded key.
- In the Encryption sym algorithm list, select the algorithm to encrypt the symmetric key.
- In the Key transport algorithm list, select the algorithm used for encrypting and decrypting the encryption key.
- Signature – Enables the signature configuration type on an
inbound SOAP message.
- In the Signature algorithm list, select the digital signature algorithm to use for encryption.
- In the Digest algorithm list, select a hash code that verifies that the signature came from the claimed source.
- In the Signature key identifier list, select the key identifier type to use to identify the signature token.
- Timestamp – Enables the time stamp configuration type on an inbound SOAP message.
- Username – Enables the user name configuration type on an
inbound SOAP message.
- In the User name field, enter a user name for authentication.
- Click Change password to change or add a password associated with the specified user name.
- In the Password type list, select the type of the password
to use with the connection.
- Text – The password is sent as plain text in the SOAP message.
- Digest – The password is sent as a Base64-encoded SHA1 hash of the original value.
- To change the SOAP message to a randomly generated Based64 string, select the Add nonce value check box.
- To indicate the creation time of the message by including a time stamp in the SOAP message, select the Add created timestamp check box.
- SAML – Enables the SAML configuration type on an inbound
SOAP message.
- In the SAML version list, select the SAML version to use in the SOAP message.
- In the Clock skew field, enter the time difference (in seconds) between two different servers that are out of sync.
- Decryption – Enables the decryption configuration on the
inbound SOAP message.
- Repeat steps 1 and 2 to add more configurations.
- Click Save.
Previous topic Defining outbound SOAP messages for WS-Security profile data instances Next topic Understanding WS-Trust in Pega Platform