AS4 TPA parameters

For more information, see Message Exchange Patterns.

Information that identifies the initiator of the message exchange. You can configure the following initiator parameters:

id

External ID of the initiating Messaging Service Handler (MSH). The content of this parameter map to the element Messaging/UserMessage/PartyInfo/From/PartyId.

type

External ID type of the initiating MSH. For example, DUNS.

role

URI of the location where the agreement is stored.

authorization

User credentials the pull signal receiver needs to authorize the pull signal. Specify the username and password to authorize the pull signal.

host

It indicates whether the partner profile is the host for a document exchange. The following list describes the possible values:

• true- The certificates that are associated with the partner are selected. Set this parameter to true only when the webMethods B2B partner profile is not the enterprise profile during a document exchange between two partners.
• false- The certificates that are associated with the partner are not selected.

Note: Configure either the initiator or the responder TPA parameter as the host.

Identifies the responder. You can configure the following responder parameters:

id

External ID of the responding MSH, as defined in the partner profile.

type

External ID type of the responding MSH, as defined in the partner profile. For example, DUNS.

role

URI of the location where the agreement is stored.

authorization

User credentials the pull signal receiver needs to authorize the pull signal. Specify the username and password to authorize the pull signal.

host

It indicates whether the partner profile is the host or not for a document exchange.

• true- The certificates that are associated with the partner are selected. Configure this parameter only when the webMethods B2B partner profile is not the enterprise profile during a document exchange between two partners.
• false- The certificates that are associated with the partner are not selected.

Note: Configure either the initiator or the responder TPA parameter as the host.

Defines processing, transportation binding, and business information parameters. Click the Add icon to add one or more legs.

label

MEP leg name.

protocol

The type of transport between two MSHs and information that is related to the MSHs.

businessInfo

Message exchange service information for a pair of partners.

errorHandling

AS4 report errors.

security

Secures your AS4 message exchange.

receptionAwareness

When enabled, an initiating MSH sends a user message to the responding MSH.

Configuring an MEP label

To configure an MEP label, select one of the following label:

• requestUM- Select when you use One-Way/Push, One-Way/Pull. Two-Way/Sync, Two-Way/Push-Pull, and Two-Way/Push-Push.
• requestSM- Select when you use One-Way/Pull.
• replyUM- Select when you use Two-Way/Sync, Two-Way/Push-Pull, and Two-Way/Push-Push.

Configuring protocol parameters

To configure the type of transport between two MSHs and information that is related to the MSHs.

address

Endpoint URI of the responding MSH. For example, http://host:port/ws/msh/receive

username

Username to authenticate the access to the partner's endpoint URI.

password

Password to authenticate the access to the partner's endpoint URI.

addActorOrRoleAttribute

Specifies whether the role attribute is added to the message header.

• true. The role attribute is added to the message header.
• false. The role attribute is not added to the message header.

Configuring businessInfo parameters

To configure message exchange service information for a pair of partners.

service

URI of the service that processes the message.

serviceType

The name of the service type that indicates how the sender and receiver interprets the service element. If you do not enter a value for this parameter, the service parameter must be a URI.

action

URI of the element that identifies an operation or an activity within a service.

properties

Properties required in the message. If the required properties are missing, the processing of the message stops, and an error is returned. Click and configure the name, description, and required fields.

mpc

Message Partition Channel (MPC) identifier. The user message or signal uses this MPC.

extendedInfo

Configure multiple message exchange: service, serviceType, and action.

Configuring errorHandling

To report errors, configure the error handling TPA parameters in the requestUM or replyUM leg for a user message, and in the requestSM leg for a pull signal.

senderErrorsTo

Address or comma-separated list of addresses to send the ebMS errors that are generated by the sending MSH.

receiverErrorsTo

Address or comma-separated list of addresses to send the ebMS errors that are generated by the receiving MSH.

Note: If you want to enable basic authentication for an endpoint URL, use the username and password from the protocol section of the leg parameter.

asResponse

Select if processing errors at the receiver end are reported on the back channel of erroneous messages.

• true. Errors are reported on the back channel. The default value is true.
• false. Errors are reported to the receiverErrorsTo address.

missingReceiptNotifyProducer

(Optional). The parameter indicates that whether an error signal notification is generated and sent to the producer when a receipt is not received from the partner for the message sent. The error message is sent to the address configured in the senderErrorsTo parameter.

• true. Error reports are generated.
• false. Error reports are not generated. The default value is false.

Note: In the requestUM leg, when missingReceiptNotifyProducer is set to true, sendReceipt must be set to true and replyPattern can be set to response or callback. Where, for response, no additional settings are required and for callback, set replyTo and replyPattern.

• For One-Way/Push, either response or callback can be set.
• For One-Way/Pull, only a callback can be set.
• For Two-Way/Push-Pull, only response can be set.

missingReceiptNotifyProducer cannot be configured in the replyUM leg.

Configuring security

To secure AS4 message exchange, configure the security TPA parameters in the requestUM or replyUM leg for a user message, and in the requestSM leg for a pull signal.

enableSecurity

Enable or disable security.

• true. Security is enabled.
• false. Security is disabled. The default value is false.

includeTimeStamp

Includes a timestamp in the security header.

• true. Timestamp is included in the security header.
• false. Timestamp is not included in the security header. The default value is false.

x509

Information required to sign and encrypt an AS4 message by using the WSS X.509 Certificate Token Profile. Configure the following parameters:

• sign- Specify whether the message is signed and which parts of the message are signed. When you use your own policy for security settings, the values of the sign parameters are ignored. Configure the following parameters:

  enableSign

  The parameter indicates that whether signing is enabled.

  • true. Signing is enabled.
  • false. Signing is disabled. The default value is false.

  certificateId

  (Optional). The certificate ID to use for signing or verifying a signature for a message. The partner certificate ID must be used when you receive a message. You can view the certificateId for the configured certificates from the partner's certificate tab.

  element

  The XPath of each element that needs to be signed. For example, to sign the Timestamp element, add /soapenv:Envelope/soapenv:Header/Messaging/UserMessage/MessageInfo/Timestamp. Click to configure multiple element paths that need to be signed.

  attachments

  The parameter indicates that whether signing of the attachments for a message is enabled.

  • true. Signing of the attachments of a message is enabled.
  • false. Signing of the attachments of a message is disabled. The default value is false.

  signReceipt

  (Optional). The parameter indicates that whether signing of the receipt is enabled.

  • true. Signing of the receipt is enabled.
  • false. Signing of the receipt is disabled. The default value is false.

  Note: If enableSign is set to false and signReceipt is set to true, the receipt is not signed.

  receiptCertificateID

  (Optional). The certificate ID to use for signing the receipt.

  signReceiptBody

  The parameter specifies whether the signing of the receipt body is enabled.

  • true. Signing of the receipt is enabled.
  • false. Signing of the receipt is disabled. The default value is false.

  Note: This parameter can be enabled only if signReceipt is enabled.

• encrypt- The parameter indicates that whether the message is encrypted and which parts of the message are encrypted.
  Note: When you use your own policy for security settings, the values of the encrypted parameters are ignored.

  enableEncrypt

  The parameter indicates that whether encryption is enabled.

  • true. Encryption is enabled.
  • false. Encryption is disabled. The default value is false.

  certificateId

  (Optional). The certificate ID to use for encrypting or decrypting a message. The partner certificate ID must be used for encryption when you send a message. The certificate ID must be used for decryption. You can view the certificateId for the configured certificates from the partner's certificate tab.

  element

  The XPath of each element that needs to be encrypted. For example, to encrypt the Timestamp element, add /soapenv:Envelope/soapenv:Header/Messaging/UserMessage/MessageInfo/Timestamp. Click and configure the element to be encrypted.

  attachments

  The parameter indicates that whether encrypting the attachments of a message is enabled.

  • true. Encrypting of the attachments of a message is enabled.
  • false. Encrypting of the attachments of a message is disabled. The default value is false.

  encryptBody

  The parameter indicates that whether to encrypt the body of a message or not.

  • true. Enables encryption of the message body. The default value is true.
  • false. Disables encryption of the message body.

• algorithmSuite- Specifies the algorithm suite to be used for signing and encrypting. For more information about algorithm suites, see Using Algorithm Suites

usernameToken

Information needed to authenticate the AS4 message. Configure the following parameters:

• username- Username to authenticate the message
• password- Password to authenticate the message.
• hash password- The parameter indicates that whether password hashing is enabled.
  • true- Password hashing is enabled.
  • false- Password hashing is disabled. The default value is false.

policy

(Optional). Policy xml content. The policy content must adhere to the format specified in OASIS WS-SecurityPolicy.

Note:

• The value that you provide for the policy takes precedence over other security parameters.
• If the content of the policy parameter requires either signature or encryption, then the enableSign or enableEncrypt option, or both must be enabled.

policyStandard

(Optional). Specify the policyStandard to be used.

• Default. Standard policies are used. The default value is Default.
• ENTSOG. ENTSOG specific policies are used.

pmodeAuthorize

The parameter indicates that whether to authorize the messages on the MEP leg for processing.

• true. Messages are authorized for processing.
• false. Messages are not authorized for processing. The default value is false.

receipt

Information that identifies how receipts are handled. Configure the following parameters:

sendReceipt

The parameter indicates that whether a receipt (Receipt ebMS signal) is sent.

• true. A receipt is sent.
• false. A receipt is not sent. The default value is false.

replyPattern

The reply pattern of the receipt signal.

• response. webMethods B2B sends the receipt on the back channel. This reply pattern can be used with the One-Way/Push MEP only. The default value is response.
• callback. webMethods B2B sends the receipt signal as a separate request.

replyTo

The endpoint URL to which the receipt is sent. Configure this parameter when replyPattern is set to a callback.

Note: If you want to enable basic authentication for an endpoint URL, use the username and password from the protocol section of the leg parameter.

nonRepudiation

The parameter indicates that whether the receipt includes the hash values for the digests in the user message.

• true. Hash values are included in the receipt.
• false. Hash values are not included in the receipt. The default value is false.

Configuring receptionAwareness

If reception awareness is enabled, an initiating MSH sends a user message to the responding MSH.

Duplicate detection detects a duplicate user message with the same UserMessage/MessageInfo/MessageId as a previous message. When a duplicate message is received, the message is flagged as duplicate and UserStatus in Trading Networks transaction analysis page is updated to DUPLICATE_RECEIVED. Specify the following parameters:

enabled

(Optional). Select true to enable and false to disable reception awareness. The default is set to false.

retry

Select parameters that control push retry.

enabled

Select true to enable and false to disable retry. The default value is false.

retryParameters

Configure the following retryParameters that controls push retry:

maxRetries

Type the maximum number of times webMethods B2B tries to resend a message.

period

Type the length of time, in seconds, webMethods B2B waits between retry attempts.

duplicateDetection

Select parameters that control duplicate detection.

enabled

Select true to enable and false to disable duplicate detection.

checkWindow

Length of time, in seconds (S) or days (D), that a message ID is retained in the cache and checked for duplicate incoming message IDs (for example, 4320000S or 5D).

maxSize

The maximum size, in bytes, of an incoming duplicate message that webMethods B2B saves. When the size of the incoming duplicate message exceeds this value, the duplicate message is not saved in the Trading Networks database and an error is logged.

webMethods B2B provides configurable compression and decompression of application payloads. AS4 messages that contain compressed or application payloads are built according to the SOAP with Attachments specification. Each compressed payload is carried in its own MIME body part.

When you want to send a compressed payload, set the PMode.PayloadService.CompressionType P-Mode parameter to application/zip. Enabling this P-Mode parameter indicates to the sending MSH that the outgoing message payloads must be compressed before you send it. Therefore, the receiving MSH must decompress the payload part before it delivers the message to the receiver.

Message splitting and joining involves two related operations. During the send operation of a large user message, the sending MSH splits the message into multiple fragments.

Specify the following parameters:

enabled

(Optional). Specify one of the following values:

• true Splitting is enabled.
• false Splitting is disabled. The default value is false.

fragmentSize

The size of each fragment, in bytes. For example, if fragmentSize is defined as 1000 bytes and the message is 2050 bytes, the message is split into two fragments of 1000 bytes each, and one fragment of 50 bytes. If the message is 900 bytes, one fragment of 900 bytes is sent.

joinInterval

The maximum time, in seconds, to expect and process other fragments after the first fragment is received.

(Optional). Allows empty conversation ID. allowEmptyConversationId parameter is added in com.wm.estd.as4.documents.pmode:PMode document. By default, this parameter is not set. If the value is not set for this parameter in the Trading Partner Agreement, then the property as4.message.emptyConversationId is used.

• true. Empty conversation ID is allowed.
• false. Empty conversation ID is not allowed.