Symmetric signature and encryption policies settings

Use this page to create the trust context to use symmetric tokens. Using the same token for signing and validating messages and encrypting and decrypting messages increases performance. Use symmetric tokens within a trust context.

To view this administrative console page, complete the following options:
  1. Click Services > Policy sets > Application policy sets.
  2. Select a policy_set_name in the policy sets table that contains WS-Security content.
  3. Click WS-Security in the policies table.
  4. Click the Main policy link or the Bootstrap policy link.
  5. Click the Symmetric signature and encryption policies link.

Message Integrity – Token type for signing and validating messages

Specifies the current token type used for signing and validating messages.

To change the current token type that is displayed in the Token type for signing and validating messages field or to edit the displayed token type, click Action.

Message Confidentiality – Use same token type for confidentiality that is used for integrity

Specifies whether the token type set for signing and validating messages is also used for encrypting and decrypting messages. For a Kerberos token, message confidentiality uses the same token that is used for the message integrity.

If you select this check box, then the Token type for encrypting and decrypting messages field is blank. If you clear this check box, then a different token can be used for message confidentiality.

Message Confidentiality – Token type for encrypting and decrypting messages

Specifies the current token type that is used for encrypting and decrypting messages.

To change the current token type that is displayed in the Token type for encrypting and decrypting messages field or to edit the displayed token type, verify that the Use the same token type for confidentiality that is used for integrity protection check box is cleared, and click Action.

Action

Enables the token type selected to be changed or edited.

The Action button lists supported token types and provides the following options:
Edit selected type policy
Opens a page to edit the token type for signing or encrypting fields.
Change to Secure Conversation
Changes the token type to Secure Conversation.
Change to custom type
Opens the custom type page to specify the Uniform Resource Identifier (URI) for a custom token type.
When you change the token type, any values that you specified for the former token type are lost, and the default values for the newly assigned token type are used.