WS-Security Processor-In – Checks WS-Security Headers in an XML document.
With the Web Service Security Processor In you can check a variety of Web Service Security Headers at a received document.
Select the Processor Configuration tab and click on Add Processor.
Select the WS-Security Processor-In from the drop down.
In the Conditional Execution tab you can set additional processor execution conditions. The Transaction data dependent condition may be specified here as enhanced expression. If this expression returns anything other than TRUE (ignore case) – this processor will be skipped.
SAML Auth: This allows the user to check SAML-based (Security Assertion Markup Language) authentication of the SOAP message.
At SAML Auth tab you can set:
Validate SAML Auth: Validate the signature of a SAML Authentication Assertion.
Validate Certificate: Validate that the signing certificate belongs to the trust store.
At X509 Auth tab you can set Check Binary Security Token.
Timestamp: This checks a timestamp of the the SOAP message.
At Timestamp tab you can set:
Check Timestamp: Check a timestamp header.
Validate Expiration: Check for an expiration period for timestamp.
Validate Timestamp Signature: Check for a signature on timestamp.
XML Digital Signature: This is a digital signature using a PGP-style public key and certificate. The user checks if the SOAP message body is correctly signed in this way.
At XML Digital Signature tab you can set:
KeyStore: The path to the keystore containing certificates used to decode the message signatures. Note that network paths are not evaluated in the eiConsole.
KeyStore Type: The type of keystore file being used (e.g., JKS, PKCS12).
KeyStore Password: The password used to protect the keystore.
Certificate Alias: The alias of the certificate used to decode the message signatures.
Certificate Password: The password used to protect the certificate.
Private Key Password: The password used to protect the private key.
Check SOAP Body signature: Check a XML Digital Signature for the SOAP Body.
SOAP version: Select SOAP version. It can be 1.1 or 1.2.
At UserNameToken tab you can set:
Use Authentication: Check authentication for username and password pairs.
Check Username Signature: Check the XML digital signature for the created UserNameToken.
Use Custom CallbackHandler: Use custom CallbackHandler or not.
Authenticator class name: Specifies authenticator class that will be used for for performing authentication.
Custom CallbackHandler class name: Specifies custom javax.security.auth.callback class that will be used for for performing authentication.