Kerberos token capabilities for encryption, decryption, signing, and verifying
You can use Kerberos tokens for encryption, decryption, signing, and verifying.
Kerberos token encryption for providing message Confidentiality and Integrity on outgoing SOAP messages from the integration node is supported in the following configurations:
Capability
- Encrypt, by using a Kerberos Key Distribution Center (KDC)
- Decrypt, by using the Kerberos keytab file
Policy Enforcement Point (PEP) and direction
- In (provider)
- In (consumer)
Configured with a policy set and binding defining the message Integrity
- Out (consumer)
- Out (provider)
Configured with a Kerberos policy set and binding.
Trust Store or Policy Decision Point (PDP)
- Kerberos KDC.