Security Action | Options | Usage/Resolution Order |
UsernameToken | WS Security Header User Name and Password | |
Signature Verification | 1. WS Security Header Public key included in the header 2. Certificate Mapping Public key (certificate) associated with resolved user and Usage (in the order specified below) for one of: Verify VerifyAndEncrypt SSL | |
Validate signing certificate | 1. Endpoint Alias WS Security Properties/Truststore 2. Listener (Port) Settings Listener Specific Credentials/Truststore Alias 3. Server Settings Truststore/Truststore Alias | |
Authenticate with signing certificate | Certificate Mapping User associated with signed certificate (public key) and Usage of one of the following: MessageAuth Verify VerifyAndEncrypt SSL | |
Decryption | 1. Endpoint Alias WS Security Properties/Keystore Alias WS Security Properties/Key Alias 2. Listener (Port) Settings Listener Specific Credentials/Keystore Alias Listener Specific Credentials/Key Alias 3. Server Settings Decryption Key/Keystore Alias Decryption Key/Key Alias 4. Server Settings SSL Key/Keystore Alias SSL Key/Key Alias | |
X.509 Authentication | Certificate Mapping User associated with signed certificate (public key) and Usage of one of the following: MessageAuth Verify VerifyAndEncrypt SSL | |
Validate certificate | 1. Endpoint Alias WS Security Properties/Truststore 2. Listener (Port) Settings Listener Specific Credentials/Truststore Alias 3. Server Settings Truststore/Truststore Alias | |
SAML Authentication Note: You can only use SAML authentication when using WS-SecurityPolicy. The WS-Security facility does not support SAML authentication. | Certificate Mapping User associated with the sender certificate (public key) and Usage of one of the following: MessageAuth Verify VerifyAndEncrypt SSL | |
Validate Security Token Service� (STS) certificate | 1. Endpoint Alias WS Security Properties/Truststore 2. Listener (Port) Settings Listener Specific Credentials/Truststore Alias 3. Server Settings Truststore/Truststore Alias |