You can create SOAP security profiles for the web service calls or message returns that
require message encryption, signature or other advanced security algorithms.
Before you begin
You must have a Web Services Description Language (WSDL) file in your workspace.
If the security profile uses digital certificates for encrypting
or signing requests or responses, you must have the corresponding
keystore files (KS, JKS, JKECS, PKCS12, or PEM) in your workspace.
About this task
If the WSDL is simple and you want to check its security, in the
Request
Stack tab of the test editor, click . Paste the SOAP XML message and click
Next. The next page
shows the different security algorithms used in the XML. Click
Finish to add
the security algorithms to the editor.
Note: When you add a secured SOAP XML message in tab of the test editor, certain security related warnings are displayed in the
Error Message view. If you are aware of the secured SOAP XML message and do
not want to view the warnings, click and select the Analyze pasted SOAP content check
box.
If the WSDL uses WS-Policy, you must configure security as follows:
Procedure
- In the test navigator or project explorer, right-click the WSDL file and select Edit
WSDL Security. The WSDL security editor is displayed.
- Click the Security Algorithms tab. Security profiles are described by adding elements to a stack. When a service request is sent
or a response is received, each element in the stack is applied to the message in a specified order.
If necessary, create one security profile for outgoing requests and one for incoming
responses.
- In the Security Algorithms area,
click Add to create a new algorithm stack,
and click Rename to change the default name.
- In the Algorithm Stack Details area, click Add to
add a new algorithm element to the stack. You can add time stamps, username tokens, encryption, or signatures.
- Edit each element in the stack according to the requirements
of the web service.
You can apply encryption and signature stack elements to portions of the web service call or
message return document by specifying an Xpath query in User Xpath part
selection. For example, you can encrypt one XML element with one encryption stack
element, and another element with another stack element. You can use the Web Service
Protocol Data view to help identify the correct Xpath query for this option.
You can check whether the security stack is valid by clicking .
- When all the stack elements are complete, ensure that the
execution order is correct. If necessary, use the Up and Down buttons to change
the order of elements in the stack.
- Repeat steps 4 through 7 to create as many algorithms as
are required for security profile.
- Click the Algorithms by WSDL Operations tab. This page enables you to associate a security profile
with each request or response operation in the WSDL.
- In the WSDL Contents column, select
a service request or response.
- In the Algorithm Stack column, select
a security profile from the list. If necessary, click << to open the stack on the Security Algorithms
page.
Results
After saving the security profile, the
Web Service Protocol Data view
displays the effect of the security profile on the XML data of the web service.