Use this panel, which is in the Policy Set Bindings section of the editor, to further configure any message part protection tokens defined in the associated policy set.
If you are using X.509 certificates, you must configure the IBM® Integration Bus runtime environment to refer to a keystore and truststore. You might also need to configure passwords for these stores, and specific key passwords. See Viewing and setting keystore and truststore runtime properties at broker level for further information.
If you are using Kerberos tickets, you must provide client credentials for accessing the Kerberos Key Distribution Center (KDC). You can provide these credentials either through a Username and password token type in the message tree properties folder, or by using the mqsisetdbparms command. For more information, see Implementing WS-Security.
Column Name | Description and valid options |
---|---|
Encryption Protection and Signature Protection | Displays the names of any Message Part Protection tokens that require further configuration. The token name is displayed after either request: or response:, depending on the configuration of the token in the associated policy set. |
Timestamp | Either:
|
Nonce | Either:
|
Encryption | Either:
|
Token | Click this column to see a list of all message level protection tokens. Select the token that is to be associated with the message part protection token. |
Token Type | Click this column to see a list of all token types. Token types can be specified for outbound policies and optionally for inbound policies. Select the appropriate token type from the list. Valid options are STRREF, KEYID, EMB, KEYNAME, and X509ISSUER. |
Order | Defines the order that response message part policies should be processed in. N/A is displayed where this column is not required for certain combinations of tokens. |