Kerberos token capabilities for encryption, decryption, signing, and verifying

You can use Kerberos tokens for encryption, decryption, signing, and verifying.

Kerberos token encryption for providing message Confidentiality and Integrity on outgoing SOAP messages from the integration node is supported in the following configurations:

Capability

Encrypt, by using a Kerberos Key Distribution Center (KDC)
Decrypt, by using the Kerberos keytab file

Policy Enforcement Point (PEP) and direction

In (provider)
- SOAPInput node
In (consumer)
- SOAPRequest node
- SOAPAsyncResponse node
Configured with a policy set and binding defining the message Integrity

Out (consumer)
- SOAPRequest node
- SOAPAsyncRequest node
Out (provider)
- SOAPReply node
Configured with a Kerberos policy set and binding.

Trust Store or Policy Decision Point (PDP)

Kerberos KDC.