IBM® Integration Bus conditionally complies with Web Services Security: SOAP Message Security and related specifications by supporting the following aspects.
Algorithm type | Algorithm | URI |
---|---|---|
Digest | SHA1 | http://www.w3.org/2000/09/xmldsig#sha1 |
Signature | DSA with SHA1 (validation only) | http://www.w3.org/2000/09/xmldsig#dsa-sha1 |
Signature | RSA with SHA1 | http://www.w3.org/2000/09/xmldsig#rsa-sha1 |
Canonicalization | Exclusive XML canonicalization (without comments) | http://www.w3.org/2001/10/xml-exc-c14n# |
Algorithm | URI |
---|---|
Triple Data Encryption Standard algorithm (Triple DES) | http://www.w3.org/2001/04/xmlenc#tripledes-cbc |
Advanced Encryption Standard (AES) algorithm with a key length of 128 bits | http://www.w3.org/2001/04/xmlenc#aes128-cbc |
Advanced Encryption Standard (AES) algorithm with a key length of 192 bits | http://www.w3.org/2001/04/xmlenc#aes192-cbc |
Advanced Encryption Standard (AES) algorithm with a key length of 256 bits | http://www.w3.org/2001/04/xmlenc#aes256-cbc |
Algorithm | URI |
---|---|
Key transport (public key cryptography) RSA Version 1.5 | http://www.w3.org/2001/04/xmlenc#rsa-1_5 |
SAML passthru support is provided, which enables interoperability with WS-Security SAML profiles, without performing subject confirmation processing. This means that it does not provide validation of the trust relationship between the SAML subject and message content signatures.
The token is passed through for processing by the message flow security manager, which passes the token to a WS-Trust STS for processing.