WS-Security Processor-In – Checks WS-Security Headers in an XML document.
With the Web Service Security Processor In you can check a variety of Web Service Security Headers at a received document.
Select the Processor Configuration tab and click on Add Processor.
SAML Auth: This allows the user to check SAML-based (Security Assertion Markup Language) authentication of the SOAP message.
At SAML Auth tab you can set:
Validate SAML Auth: Validate the signature of a SAML Authentication Assertion.
Validate Certificate: Validate that the signing certificate belongs to the trust store.
Timestamp: This checks a timestamp of the SOAP message.
At Timestamp tab you can set:
Check Timestamp: Check a timestamp header.
Validate Expiration: Check for an expiration period of the timestamp.
Validate Timestamp Signature: Check for a signature on timestamp.
XML Digital Signature: This is a digital signature using a PGP-style public key and certificate. The user checks if the SOAP message body is correctly signed in this way.
At XML Digital Signature tab you can set:
KeyStore: The path to the keystore containing certificates used to decode the message signatures. Note that network paths are not evaluated in the eiConsole.
KeyStore Type: The type of keystore file being used (e.g., JKS, PKCS12).
KeyStore Password: The password used to protect the keystore.
Certificate Alias: The alias of the certificate used to decode the message signatures.
Certificate Password: The password used to protect the certificate.
Private Key Password: The password used to protect the private key.
Check SOAP Body signature: Check a XML Digital Signature for the SOAP Body.
SOAP version: Select SOAP version. It can be 1.1 or 1.2.
At UserNameToken tab you can set:
Use Authentication: Check authentication for username and password pairs.
Check Username Signature: Check the XML digital signature for the created UserNameToken.
Use Custom CallbackHandler: Use custom CallbackHandler or not.
Authenticator class name: Specifies authenticator class that will be used for performing authentication.
Custom CallbackHandler class name: Specifies custom javax.security.auth.callback class that will be used for performing authentication.