Dialog WS-Security Configuration - Input

(Input Listener Connector)

In this dialog you have the following options:

Service authentication

Authentication of the Web service is always required when you are using WS-Security. The certificate handshake assures the service consumer that it has reached the requested service. The certificates are also used for encrypting the message.

  • Password: Enter the password of your private key.

  • Keystore: For loading the keystore file (*.jks) containing the private key. After the key is loaded, its validity is displayed.

Consumer authentication

  • Establish high-performance secure session (WS-SecureConversation)

    Creates a security context that allows single sign-on: if the authenticated Web service consumer calls the Web service again, it does not have to authenticate itself again.

  • Security mechanism

    Select one of the following:

    • Service & Consumer authentication with XML encryption and signature

      Requires an authentication from the service and the consumer. Data is encrypted by XML encryption.

    • Service & Consumer authentication with transport layer security (TLS)

      Requires an authentication from the service and the consumer. Data is encrypted by TLS.

    • Only Service authentication with transport layer security (TLS)

      Requires an authentication from the service. Data is encrypted by TLS.

    • Security Token Service issued Token with Service Certificate (STS)

      (only in Single Mode)

      For securing the service with an STS.

      For more information on security mechanisms refer to https://docs.oracle.com/cd/E19355-01/820-1072/6ncp48v3q/index.html.

  • X.509 Truststore: Select file button

    If a security mechanism including consumer authentication is selected, the service consumer can authenticate itself via X.509 certificates.

    The Select file button opens a file explorer for loading the truststore containing the public keys of the service consumer. A truststore file has the .jks extension.

    If X.509 consumer authentication is activated, the "WSAuthSubject" variable containing certificate information is set.

  • Username/Password (UsernameToken)

    If a security mechanism including consumer authentication is selected, the service consumer can authenticate itself via the username.

    Use the following options to define how the username token is to be processed:

    • Internal user administration

      The username token is validated against the internal user administration of the INUBIT software.

    • Authentication by workflow

      The username token is authenticated within a workflow. The password of the username token is encrypted as a password property and handed over to the workflow as an XML structure.

      The authentication is successful if no error is thrown in the workflow.
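
The "Authentication by workflow" contract described above (success means no error is thrown), as an added example that is not INUBIT code. It assumes the workflow receives a standard WSS `wsse:UsernameToken` element whose password has already been decrypted; the credential store and the names `authenticate` and `AuthenticationError` are hypothetical.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
NS = {"wsse": WSSE}

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed credential store (assumption): username -> (salt, password hash).
_SALT = b"constructed-salt"
USERS = {"alice": (_SALT, _hash("correct horse", _SALT))}
_DUMMY = (_SALT, _hash("unused", _SALT))  # same hashing cost for unknown users

# Constructed sample token; the password is assumed to be decrypted already.
SAMPLE_TOKEN = (
    f'<wsse:UsernameToken xmlns:wsse="{WSSE}">'
    "<wsse:Username>alice</wsse:Username>"
    "<wsse:Password>correct horse</wsse:Password>"
    "</wsse:UsernameToken>"
)

class AuthenticationError(Exception):
    """Raised so that the workflow fails, which rejects the consumer."""

def authenticate(token_xml: str) -> str:
    """Return the username, or raise AuthenticationError on any doubt."""
    if "<!DOCTYPE" in token_xml:  # SOAP messages must not carry a DTD
        raise AuthenticationError("DTD not allowed")
    try:
        root = ET.fromstring(token_xml)
    except ET.ParseError as exc:
        raise AuthenticationError("malformed token") from exc
    is_token = root.tag == f"{{{WSSE}}}UsernameToken"
    token = root if is_token else root.find(".//wsse:UsernameToken", NS)
    if token is None:
        raise AuthenticationError("no UsernameToken element")
    username = token.findtext("wsse:Username", default="", namespaces=NS).strip()
    password = token.findtext("wsse:Password", default="", namespaces=NS)
    if not username or not password:
        raise AuthenticationError("missing credentials")
    salt, expected = USERS.get(username, _DUMMY)
    matches = hmac.compare_digest(_hash(password, salt), expected)
    if not matches or username not in USERS:
        raise AuthenticationError("invalid credentials")  # same error for both
    return username

if __name__ == "__main__":
    print(authenticate(SAMPLE_TOKEN))
```

Every failure path raises the same exception type, so a malformed token, an unknown user and a wrong password all cause the workflow to fail and the consumer to be rejected.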